Bug #11163
closed
Bug #11159: JSESSION cookie should be "secure"
Enable mod header for apache
Description
We need mod_header enabled by default on our apache.
Updated by François ARMAND over 6 years ago
- Assignee changed from François ARMAND to Benoît PECCATTE
So, it is already enabled for debian-like in 3.1:
xxx/rudder-project/rudder-packages (branches/rudder/3.1) == % rg headers ... rudder-webapp/debian/postinst 37: MODULES_TO_ENABLE="dav_fs rewrite proxy_http headers ssl filter deflate" ...
And it is in rudder 4.1 for rpm-based:
xxx/rudder-project/rudder-packages (branches/rudder/4.1)
% rg headers
...
rudder-webapp/SOURCES/rudder-webapp-apache
2:APACHE_MODULES="${APACHE_MODULES} rewrite dav dav_fs proxy proxy_http headers ssl version"
...
But I don't understand what is happening for rpm-based distro on 3.1 branch:
- there is no rudder-webapp-apache file
- there is a minimalist "rudder-server-relay/SOURCES/rudder-relay-apache" with only: APACHE_MODULES="${APACHE_MODULES} dav dav_fs ssl version"
- there is in rudder-webapp/SPECS/rudder-webapp.spec if test for some old mod to replace
But I don't see where we are telling for the webapp (not relay only), not when replacing the old mod line where we are enabling "rewrite dav dav_fs proxy proxy_http" (and it should be the place where we should add "headers").
I believe someone more versed in packaging should look to that.
Updated by François ARMAND over 6 years ago
- Status changed from New to Rejected
So, in fact /etc/sysconfig/rudder-apache comes from (in 3.1 only) rudder webapp: rudder-web/src/main/resources/apache2-sysconfig.
That file correctly contains headers, so I'm closing that ticket.