From 23de5da82fb2f5484bacf25fa99fb36994e218bc Mon Sep 17 00:00:00 2001 From: anmol26s Date: Sun, 15 Jul 2018 15:59:35 +0530 Subject: [PATCH 1/3] ifram fix and increase video size to 8 Gb --- conf/nginx.conf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index b7fe0bc..5377f69 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -19,8 +19,8 @@ proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # Hard limit, PeerTube does not support videos > 4GB - client_max_body_size 4G; + # Hard limit, PeerTube does not support videos > 8GB + client_max_body_size 8G; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; @@ -53,6 +53,11 @@ alias /home/yunohost.app/__NAME__/storage/videos; } + + # Allow embeds + location /videos/embed { + proxy_hide_header X-Frame-Options; + } # Websocket tracker location /tracker/socket { From 174c8658d0a88f7a929615818fd2e45742c2bacd Mon Sep 17 00:00:00 2001 From: anmol26s Date: Sun, 15 Jul 2018 16:29:10 +0530 Subject: [PATCH 2/3] Hide x-frame header --- conf/nginx.conf | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 5377f69..e2ac7bd 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,3 +1,4 @@ + proxy_hide_header X-Frame-Options; location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { add_header Cache-Control "public, max-age=31536000, immutable"; @@ -53,11 +54,6 @@ alias /home/yunohost.app/__NAME__/storage/videos; } - - # Allow embeds - location /videos/embed { - proxy_hide_header X-Frame-Options; - } # Websocket tracker location /tracker/socket { From e200a3bbb5c24b21399c90d9f94caeb2f19bad1e Mon Sep 17 00:00:00 2001 From: anmol26s Date: Sun, 15 Jul 2018 16:57:54 +0530 Subject: [PATCH 3/3] only allow x-frame to /video/embed path for security --- conf/nginx.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index e2ac7bd..5d37dd1 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,5 @@ - proxy_hide_header X-Frame-Options; + add_header X-Frame-Options https://__DOMAIN__/videos/embed; + location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { add_header Cache-Control "public, max-age=31536000, immutable";