From c0ed494c3acf1acf629379f33f413d7660183855 Mon Sep 17 00:00:00 2001
From: rata <rata@users.noreply.github.com>
Date: Mon, 20 Apr 2015 21:43:45 -0300
Subject: [PATCH] templates/web.sssl.template.yml: Disable spdy header
 compression

As explained here:

https://github.com/18F/tls-standards/issues/24

We shouldn't use spdy header compression with spdy 1.3 (the one packaged with nginx).So, just disable it.
---
 templates/web.ssl.template.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/web.ssl.template.yml b/templates/web.ssl.template.yml
index aa4d3ef..e0a5b5a 100644
--- a/templates/web.ssl.template.yml
+++ b/templates/web.ssl.template.yml
@@ -25,8 +25,8 @@ run:
 
        ssl_session_tickets off;
 
-       # enable SPDY header compression
-       spdy_headers_comp 6;
+       # disable SPDY header compression (flawed in spdy < 4)
+       spdy_headers_comp 0;
 
        # remember the certificate for a year and automatically connect to HTTPS for this domain
        add_header Strict-Transport-Security 'max-age=31536000';
-- 
2.25.1