Comment out unsafe directives by default

2026-01-01 13:18:06 -06:00 · 2020-01-24 12:33:25 +08:00
parent 8e9220b37a
commit d536a8c10f
1 changed files with 4 additions and 4 deletions
--- a/NGINX-Reverse-Proxy-for-Web-UI.md
+++ b/NGINX-Reverse-Proxy-for-Web-UI.md
@@ -11,10 +11,10 @@ location /qbt/ {
    # You should consider disable "Enable Cross-site request forgery (CSRF) protection"
    # setting in qBittorrent instead of using these directives to tamper the headers.
    # The setting is located under "Options -> WebUI tab" in qBittorrent since v4.1.2.
-    proxy_hide_header       Referer;
-    proxy_hide_header       Origin;
-    proxy_set_header        Referer                 '';
-    proxy_set_header        Origin                  '';
+    #proxy_hide_header       Referer;
+    #proxy_hide_header       Origin;
+    #proxy_set_header        Referer                 '';
+    #proxy_set_header        Origin                  '';

    # Not needed since qBittorrent v4.1.0
    #add_header              X-Frame-Options         "SAMEORIGIN";