From 36c8256f8f0757af243266f8abcbdbb034d740db Mon Sep 17 00:00:00 2001
From: Christopher Engelhard <ce@lcts.de>
Date: Wed, 30 Jun 2021 12:44:02 +0200
Subject: [PATCH] Add Referrer-Policy no-referrer always (RHBZ 1933530)

---
 nextcloud-default-nginx.conf | 1 +
 nextcloud.spec               | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nextcloud-default-nginx.conf b/nextcloud-default-nginx.conf
index 77d3efe..7151521 100644
--- a/nextcloud-default-nginx.conf
+++ b/nextcloud-default-nginx.conf
@@ -12,6 +12,7 @@
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer always;
 
 
         # set max upload size
diff --git a/nextcloud.spec b/nextcloud.spec
index 81de851..4eeb387 100644
--- a/nextcloud.spec
+++ b/nextcloud.spec
@@ -510,6 +510,7 @@ fi
 - Update to 21.0.2, fixes RHBZ 1977202 / CVE-2021-22915
 - Include php-fpm config in httpd subpackage
 - Set php memory limit to 512MB (RHBZ 1933529)
+- Add Referrer-policy no-referrer to nginx config (RHBZ 1933530)
 
 * Wed Feb 24 2021 Christopher Engelhard <ce@lcts.de> - 21.0.0-2
 - Drop dependency on php-imap. Fixes RHBZ #1933023