标签: headers

/etc/nginx/sites-available/default

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.htm;

    # Make site accessible from http://localhost/
    server_name mywebsite.net;
    return 301 https://$host$request_uri;
}
server {
    listen 443;
    server_name localhost mywebsite.net;
    ssl on;
    ssl_certificate /etc/ssl/certs/odoo.crt;
    ssl_certificate_key /etc/ssl/private/odoo.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

    location / {
      #     try_files $uri $uri/ =404;
             proxy_pass http://127.0.0.1:8069;
            include proxy_params;
    }
    location ~ \.(css|js|png|gif|jpeg|jpg|swf|ico|woff){
        root /usr/lib/python2.7/dist-packages/openerp/addons;
        expires 360d;
    }

}

/etc/nginx/proxy_params

proxy_set_header Host $http_host;
proxy_set_header …

有没有办法获得浏览器为每个请求发送到服务器的请求标头的总大小（以字节为单位）？

我设置了一个 HAProxy 来将流量重定向到一些内部服务器。

我要做的是根据请求主机设置一些响应标头。不幸的是，我无法让它工作。

当前设置如下所示

acl mywebsite req.hdr(host) -i example.com

http-response set-header X-Frame-Options SAMEORIGIN if mywebsite
http-response set-header X-XSS-Protection 1;mode=block if mywebsite
http-response set-header X-Content-Type-Options nosniff if mywebsite

据我了解，http-response set-header 无法读取请求标头。有没有办法解决？

作为快速背景，我们有垃圾邮件与我们的域名一起发送。因此，我们已将 SPF 记录添加到我们的域 DNS，现在显然这将有助于确保不会发送此垃圾邮件，但问题是此垃圾邮件是否实际上来自我们的服务器。我们收到了来自我们的主机提供商的滥用报告，其中包含以下标题

Received: from mx.poczta.onet.pl (unresolved [10.174.34.83]:53105)
    by ps15.m5r2.onet (Ota) with LMTP id 6B66CFF656749
    for <x>; Fri, 10 Mar 2017 23:36:17 +0100 (CET)
Received: from www.mydomain.com (unknown [xxx.xxx.xxx.xxx])
    by mx.poczta.onet.pl (Onet) with ESMTP id 3vg2DJ4tX1z92
    for <x>; Fri, 10 Mar 2017 23:36:16 +0100 (CET)
Date: Fri, 10 Mar 2017 17:36:15 -0500
To: x
From: Bethany <bethany@mydomain.com>
Subject: [SPAM] Do you want to give your man a strong...?
Message-ID: <8399________________________58f3@www.mydomain.com>
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="b1_8399a58bdbb7157cb3aeb3dc3e3f58f3"
Content-Transfer-Encoding: 8bit …