Re: Securing URLs with the Secure Link Module in NGINX

2019-06-07 Thread Francis Daly
On Fri, Jun 07, 2019 at 09:51:49PM +, Andrew Andonopoulos wrote: Hi there, thanks for the fuller details. I think it makes it clear what is happening. > and this command to generate the md5: > > echo -n 'enigma/hls/justin-timberlake/playlist1560033000' | openssl md5 > -binary | openssl ba

Re: Securing URLs with the Secure Link Module in NGINX

2019-06-07 Thread Andrew Andonopoulos
Hello, I was trying a couple of things and forgot to switch it back. I tried again and this is the current map and secure link config: map $uri $hls_uri { ~^(?<base_uri>.*).m3u8$ $base_uri; ~^(?<base_uri>.*).ts$ $base_uri; default $uri; } secure_link $arg_md5,$arg_ex

Re: Securing URLs with the Secure Link Module in NGINX

2019-06-07 Thread Francis Daly
On Fri, Jun 07, 2019 at 06:47:54PM +, Andrew Andonopoulos wrote: Hi there, > This is the nginx config, do you think that I should use another method? like > auth? It looks to me like you could try using exactly the method in the document you mentioned previously. https://www.nginx.com/blog

Re: Securing URLs with the Secure Link Module in NGINX

2019-06-07 Thread Andrew Andonopoulos
Hi Patrick, This is the nginx config, do you think that I should use another method? like auth? user www; worker_processes auto; pid /var/run/nginx.pid; worker_rlimit_nofile 1048576; events { worker_connections 1024; } http { include mime.types; default_type text/htm

RE: HTTPS Pinning

2019-06-07 Thread Reinis Rozitis
> Andreas, > > Do you know of any large, high traffic sites that are using HSTS today? > > Peter > For Chrome (Chromium) you can view the preload HSTS list here: https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json google / twitter / paypal to

Re: HTTPS Pinning

2019-06-07 Thread A. Schulze
On 07.06.19 at 16:22, Peter Booth via nginx wrote: > Do you know of any large, high traffic sites that are using HSTS today? echo "debian.org ietf.org web.de gmx.net posteo.de mailbox.org andreasschulze.de paypal.com" \ | while read -r high_traffic_s

Re: HTTPS Pinning

2019-06-07 Thread Peter Booth via nginx
Andreas, Do you know of any large, high traffic sites that are using HSTS today? Peter > On Jun 5, 2019, at 12:56 PM, A. Schulze wrote: > > > > On 05.06.19 at 14:54, Sathish Kumar wrote: >> Hi Team, >> >> We would like to fix the HTTPS pinning vulnerability on our Nginx and Mobile >> appl

Re: HTTPS Pinning

2019-06-07 Thread Richard Stanway via nginx
In the context of a mobile app, pinning usually means checking the public key of the server in your app matches what is expected. There is nothing to configure server-side. If you change the private key used by your SSL certificate, then your app will break. Renewing an SSL certificate doesn't usua