From 1cd0a96ad09928535dd6fd9c884f5a7a81d71346 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 17 May 2021 21:21:35 +0200
Subject: [PATCH] [Nginx, SOGo] Set mime type text/plain instead of returning
 403 when opening risky attachments

---
 data/conf/nginx/includes/site-defaults.conf | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/data/conf/nginx/includes/site-defaults.conf b/data/conf/nginx/includes/site-defaults.conf
index 842e59cc..061f958b 100644
--- a/data/conf/nginx/includes/site-defaults.conf
+++ b/data/conf/nginx/includes/site-defaults.conf
@@ -177,7 +177,18 @@
 
   location ^~ /SOGo {
     location ~* ^/SOGo/so/.*\.(xml|js|html|xhtml)$ {
-      return 403;
+      include /etc/nginx/conf.d/sogo_proxy_auth.active;
+      include /etc/nginx/conf.d/sogo.active;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header Host $http_host;
+      proxy_set_header x-webobjects-server-protocol HTTP/1.0;
+      proxy_set_header x-webobjects-remote-host $remote_addr;
+      proxy_set_header x-webobjects-server-name $server_name;
+      proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
+      proxy_set_header x-webobjects-server-port $server_port;
+      proxy_hide_header Content-Type;
+      add_header Content-Type text/plain;
       break;
     }
     include /etc/nginx/conf.d/sogo_proxy_auth.active;