Mitigate any potential httpoxy vulnerabilities

CVE-2016-5387: Apache HTTP Server CVE-2016-1000110: Python Fixed up some documentation errs too Modified: etc/skyline.httpd.conf.d.example
earthgecko · Jul 18, 2016 · 2c0dec1 · 2c0dec1
1 parent bec5e21
commit 2c0dec1
Show file tree

Hide file tree

Showing 8 changed files with 16 additions and 5 deletions.
diff --git a/docs/_build/html/_sources/index.txt b/docs/_build/html/_sources/index.txt
@@ -5,6 +5,8 @@
 :skyblue:`Sky`:red:`line` documentation
 =======================================
 
+|docs|
+
 Contents:
 
 .. toctree::
@@ -45,3 +47,8 @@ Indices and tables
 * :ref:`genindex`
 * :ref:`modindex`
 * :ref:`search`
+
+.. |docs| image:: https://earthgecko-skyline.readthedocs.io/en/latest/?badge=latest
+    :alt: Documentation Status
+    :scale: 100%
+    :target: http://earthgecko-skyline.readthedocs.io/en/latest/?badge=latest
diff --git a/docs/_build/html/_sources/installation.txt b/docs/_build/html/_sources/installation.txt
@@ -163,7 +163,7 @@ environment, it does not lend itself to repeatability or a common known state.
     vi settings.py
 
 - If you are **upgrading**, at this point return to the
-  `Upgrading <webapp.html#apache-and-gunicorn>`__ page.
+  `Upgrading <upgrading.html>`__ page.
 - Before you test Skyline by seeding Redis with some test data, ensure
   that you have configured the firewall/iptables with the appropriate restricted
   access.

diff --git a/docs/_build/html/_sources/upgrading.txt b/docs/_build/html/_sources/upgrading.txt
@@ -138,6 +138,6 @@ documentation are still appropriate.
 - If you added the new ``skyline_test.alerters.test`` alerts tuples to your
   ``settings.py`` you can test them now, see `Alert testing <alert-testing.html>`__
 - Look at implementing the other new features at your leisure
-- Panorama was probably the quickest win if you opted to not install it
+- Panorama is probably the quickest win if you opted to not install it
 - Boundary and Mirage will take a little assessment to see what metrics
   you want to configure them for.
diff --git a/docs/_build/html/index.html b/docs/_build/html/index.html
@@ -159,6 +159,7 @@
 
   <div class="section" id="skyline-documentation">
 <h1><span class="skyblue">Sky</span><span class="red">line</span> documentation<a class="headerlink" href="#skyline-documentation" title="Permalink to this headline">¶</a></h1>
+<p><a class="reference external" href="http://earthgecko-skyline.readthedocs.io/en/latest/?badge=latest"><img alt="Documentation Status" src="https://earthgecko-skyline.readthedocs.io/en/latest/?badge=latest" /></a></p>
 <p>Contents:</p>
 <div class="toctree-wrapper compound">
 <ul>

diff --git a/docs/_build/html/installation.html b/docs/_build/html/installation.html
@@ -332,7 +332,7 @@ <h2>Steps<a class="headerlink" href="#steps" title="Permalink to this headline">
 </div>
 <ul class="simple">
 <li>If you are <strong>upgrading</strong>, at this point return to the
-<a class="reference external" href="webapp.html#apache-and-gunicorn">Upgrading</a> page.</li>
+<a class="reference external" href="upgrading.html">Upgrading</a> page.</li>
 <li>Before you test Skyline by seeding Redis with some test data, ensure
 that you have configured the firewall/iptables with the appropriate restricted
 access.</li>

diff --git a/docs/_build/html/upgrading.html b/docs/_build/html/upgrading.html
@@ -295,7 +295,7 @@ <h2>Upgrade steps<a class="headerlink" href="#upgrade-steps" title="Permalink to
 <li>If you added the new <code class="docutils literal"><span class="pre">skyline_test.alerters.test</span></code> alerts tuples to your
 <code class="docutils literal"><span class="pre">settings.py</span></code> you can test them now, see <a class="reference external" href="alert-testing.html">Alert testing</a></li>
 <li>Look at implementing the other new features at your leisure</li>
-<li>Panorama was probably the quickest win if you opted to not install it</li>
+<li>Panorama is probably the quickest win if you opted to not install it</li>
 <li>Boundary and Mirage will take a little assessment to see what metrics
 you want to configure them for.</li>
 </ul>

diff --git a/docs/upgrading.rst b/docs/upgrading.rst
@@ -138,6 +138,6 @@ documentation are still appropriate.
 - If you added the new ``skyline_test.alerters.test`` alerts tuples to your
   ``settings.py`` you can test them now, see `Alert testing <alert-testing.html>`__
 - Look at implementing the other new features at your leisure
-- Panorama was probably the quickest win if you opted to not install it
+- Panorama is probably the quickest win if you opted to not install it
 - Boundary and Mirage will take a little assessment to see what metrics
   you want to configure them for.
diff --git a/etc/skyline.httpd.conf.d.example b/etc/skyline.httpd.conf.d.example
@@ -30,6 +30,9 @@ Listen 8080
     ErrorLog "<YOUR_ERROR_LOG>"
     CustomLog "<YOUR_CUSTOM_LOG>"
 
+    # Mitigate httpoxy vulnerability
+    RequestHeader unset Proxy early
+
     # Set the Strict-Transport-Security and X-Frame-Options headers
     Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
     Header always append X-Frame-Options SAMEORIGIN