atoll rules and already did this. Filing to track...
Created attachment 655029 [details] ported all relevant zeus rules applicable to browserid to nginx as of 20120808 This does not include the verifier pool selector, nor does it include recent changes to block login.p.o/verify (since they weren't in place in production as of 20120808).
(In reply to Richard Soderberg [:atoll] from comment #1) > Created attachment 655029 [details] > ported all relevant zeus rules applicable to browserid to nginx as of > 20120808 This does specifically replace the rules "X-Forwarded-For", "add ssl headers to requests", "anosrep-redirect", "add HSTS response header", "sanitize version response headers". Attachment is untested but basically sound. Returning this to the general work pool.
Assignee: rsoderberg → nobody
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.