From f2285924730a574f29501bd21dfdc4f21fa433cb Mon Sep 17 00:00:00 2001
From: Quentin Dufour <quentin@deuxfleurs.fr>
Date: Mon, 11 Mar 2024 08:37:40 +0100
Subject: [PATCH] Ajout de la regex dans le query parameter du http-bind aussi

---
 cluster/prod/app/jitsi/config/nginx.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cluster/prod/app/jitsi/config/nginx.conf b/cluster/prod/app/jitsi/config/nginx.conf
index 01177b5..53c8596 100644
--- a/cluster/prod/app/jitsi/config/nginx.conf
+++ b/cluster/prod/app/jitsi/config/nginx.conf
@@ -97,6 +97,10 @@ http {
     }
 
     location = /http-bind {
+	if ($args ~ "2daut2wank2|2duat2wank|2duat2wank0|2duat2wank1|2duat2wank2|2duat2wank3|2duatr2wank|2duatr2wank0|2duatr2wank1|2duatr2wank2|2wank2daut2|daut1|duat2wank|duat2wank2|duatr2wank2|prettypanties|slutgfs|wabk2daugther|wank2daugther|wank2daut|wank2daut2|wank2daut3|wankwatch") {
+	    return 403 'forbidden';
+	}
+
         # We add CORS to use a different frontend which is useful for load testing as we do not want to advertise too much our URL
         add_header 'Access-Control-Allow-Headers' 'content-type';
         add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS';