HTTP header improvements (#294)

[akkoma] / docs / docs / configuration / onion_federation.md

diff --git a/docs/docs/configuration/onion_federation.md b/docs/docs/configuration/onion_federation.md
index 077c3eb50c6ae4170eca12ff2012fbc6d6bcd011..e4ae15fd292e6390315320501eeb6571952f83ea 100644 (file)
--- a/docs/docs/configuration/onion_federation.md
+++ b/docs/docs/configuration/onion_federation.md
@@ -14,11 +14,12 @@ apt -yq install tor
 
 **WARNING:** Onion instances not using a Tor version supporting V3 addresses will not be able to federate with you. 
 
-Create the hidden service for your Akkoma instance in `/etc/tor/torrc`:
+Create the hidden service for your Akkoma instance in `/etc/tor/torrc`, with an HTTP tunnel:
 ```
 HiddenServiceDir /var/lib/tor/akkoma_hidden_service/
 HiddenServicePort 80 127.0.0.1:8099
 HiddenServiceVersion 3  # Remove if Tor version is below 0.3 ( tor --version )
+HTTPTunnelPort 9080
 ```
 Restart Tor to generate an adress:
 ```
@@ -35,7 +36,7 @@ Next, edit your Akkoma config.
 If running in prod, navigate to your Akkoma directory, edit `config/prod.secret.exs`
 and append this line:
 ```
-config :pleroma, :http, proxy_url: {:socks5, :localhost, 9050}
+config :pleroma, :http, proxy_url: "http://localhost:9080"
 ```
 In your Akkoma directory, assuming you're running prod,
 run the following:
@@ -98,12 +99,11 @@ server {
 
     location / {
 
-        add_header X-XSS-Protection "1; mode=block";
+        add_header X-XSS-Protection "0";
         add_header X-Permitted-Cross-Domain-Policies none;
         add_header X-Frame-Options DENY;
         add_header X-Content-Type-Options nosniff;
         add_header Referrer-Policy same-origin;
-        add_header X-Download-Options noopen;
 
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;