Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] Disable gzip entirely #675

merged 1 commit into from Mar 13, 2019


None yet
1 participant
Copy link

commented Mar 9, 2019

The problem

c.f. YunoHost/issues#1315

And in particular :

The reason is that, currently, text/html is always included in the
gzipped MIME types whatever you do
[1, 2]:

Syntax: gzip_types mime-type ...;
Enables gzipping of responses for the specified MIME types
in addition to “text/html”.


Disable gzip entirely to protect against BREACH

PR Status

Not tested but this is a simple change, should be working ...

How to test

Uh I guess go on a webpage and check the headers or something


  • Principle agreement 0/2 :
  • Quick review 0/1 :
  • Simple test 0/1 :
  • Deep review 0/1 :

@alexAubin alexAubin added this to the 3.5.x milestone Mar 9, 2019


This comment has been minimized.

Copy link
Member Author

commented Mar 13, 2019


@alexAubin alexAubin merged commit 71d6f85 into stretch-unstable Mar 13, 2019

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
continuous-integration/travis-ci/push The Travis CI build passed

@alexAubin alexAubin deleted the disable-gzip branch Mar 13, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.