root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Schema: support for X-Content-Type-Options 

as `management.headers.content_type_options`
This commit is contained in:
Michael Klishin 2022-07-25 10:19:56 +04:00
parent 7e655b08d9
commit 02e1f65d97
No known key found for this signature in database
GPG Key ID: 8ADA141E1AD87C94
2 changed files with 76 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
deps/rabbitmq_management/priv/schema/rabbitmq_management.schema vendored
View File

@ -307,7 +307,7 @@ end}.
%% %%
%% CORS %% CORS (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)
%% %%
{mapping, "management.cors.allow_origins", "rabbitmq_management.cors_allow_origins", [ {mapping, "management.cors.allow_origins", "rabbitmq_management.cors_allow_origins", [
@ -371,6 +371,50 @@ fun(Conf) ->
end end
end}. end}.
%% X-Content-Type-Options (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)
{mapping, "management.headers.content_type_options", "rabbitmq_management.headers.content_type_options", [
{datatype, string}
]}.
{translation, "rabbitmq_management.headers.content_type_options",
fun(Conf) ->
case cuttlefish:conf_get("management.headers.content_type_options", Conf, undefined) of
undefined -> cuttlefish:unset();
Value -> Value
end
end}.
%% X-XSS-Protection (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)
{mapping, "management.headers.xss_protection", "rabbitmq_management.headers.xss_protection", [
{datatype, string}
]}.
{translation, "rabbitmq_management.headers.xss_protection",
fun(Conf) ->
case cuttlefish:conf_get("management.headers.xss_protection", Conf, undefined) of
undefined -> cuttlefish:unset();
Value -> Value
end
end}.
%% X-Frame-Options (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)
{mapping, "management.headers.frame_options", "rabbitmq_management.headers.frame_options", [
{datatype, string}
]}.
{translation, "rabbitmq_management.headers.frame_options",
fun(Conf) ->
case cuttlefish:conf_get("management.headers.content_type_options", Conf, undefined) of
undefined -> cuttlefish:unset();
Value -> Value
end
end}.
%% OAuth 2/SSO access only %% OAuth 2/SSO access only
{mapping, "management.disable_basic_auth", "rabbitmq_management.disable_basic_auth", {mapping, "management.disable_basic_auth", "rabbitmq_management.disable_basic_auth",

31
deps/rabbitmq_management/test/config_schema_SUITE_data/rabbitmq_management.snippets vendored
View File

@ -404,6 +404,37 @@
], [rabbitmq_management] ], [rabbitmq_management]
}, },
%%
%% X-Content-Type-Options
%%
{headers_content_type_options_case1,
"management.headers.content_type_options = nosniff",
[
{rabbitmq_management, [
{headers, [
{content_type_options, "nosniff"}
]}
]}
], [rabbitmq_management]
},
{csp_and_hsts_and_content_type_options_combined,
"management.csp.policy = default-src 'self' *.mailsite.com; img-src *
management.hsts.policy = max-age=31536000; includeSubDomains
management.headers.content_type_options = nosniff",
[
{rabbitmq_management, [
{content_security_policy, "default-src 'self' *.mailsite.com; img-src *"},
{strict_transport_security, "max-age=31536000; includeSubDomains"},
{headers, [
{content_type_options, "nosniff"}
]}
]}
], [rabbitmq_management]
},
%% %%
%% Legacy listener configuration %% Legacy listener configuration