Mitigate https://httpoxy.org/ vulnerabilities in nginx.conf

See: https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/#Defeating-the-Attack-using-NGINX-and-NGINX-Plus
pimcore · Nov 12, 2021 · c1c5367 · c1c5367
1 parent e8a2094
commit c1c5367
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.docker/nginx.conf b/.docker/nginx.conf
@@ -130,6 +130,9 @@ server {
         fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
         fastcgi_param DOCUMENT_ROOT $realpath_root;
 
+        # Mitigate https://httpoxy.org/ vulnerabilities
+        fastcgi_param HTTP_PROXY "";
+
         # If Xdebug session is requested, pass it to the Xdebug enabled container
         if ($http_cookie ~* "XDEBUG_SESSION") {
             fastcgi_pass php-pimcore10-debug;
@@ -164,4 +167,4 @@ server {
         access_log off;
         stub_status;
     }
-}
+}