From b58a5e377b0d61c0e85cb01f9f399b84458adbdf Mon Sep 17 00:00:00 2001
From: Marius <Acconut@users.noreply.github.com>
Date: Thu, 22 Feb 2018 08:48:44 +0100
Subject: [PATCH 1/3] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6f6a41d..cf84adc 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,7 @@ If you meet this criteria, you can clone the git repository and build the binary
 ```bash
 git clone git@github.com:tus/tusd.git
 cd tusd
-go build -o tusd cmd/tusd/main
+go build -o tusd cmd/tusd/main.go
 ```
 
 ## Running tusd

From f5826fa84fe785b161fc41cfd2fef3dc0bce04bb Mon Sep 17 00:00:00 2001
From: Marius <Acconut@users.noreply.github.com>
Date: Thu, 22 Feb 2018 21:16:14 +0100
Subject: [PATCH 2/3] Add ProxyPreserveHose to apache2 example

See https://github.com/tus/tusd/issues/86#issuecomment-367271450
---
 docs/apache2.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/apache2.conf b/docs/apache2.conf
index 9718504..f43a565 100644
--- a/docs/apache2.conf
+++ b/docs/apache2.conf
@@ -12,9 +12,11 @@
         SSLCertificateFile     /etc/ssl/certs/ssl-cert-snakeoil.pem
         SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
 
-        # Tell tusd that the HTTPS protocol is used, in order to
-        # allow constructing correct upload URLs.
+        # In order that tusd can construct correct upload URLs, we tell tusd
+        # that the HTTPS protocol is used and also forward the original Host
+        # Header.
         RequestHeader set X-Forwarded-Proto "https"
+        ProxyPreserveHost on
 
         # Pass requests to tusd server
         ProxyPass /files http://localhost:1080/files

From d39e9eac8ab145b181dc02fb01580d3c6baccd3d Mon Sep 17 00:00:00 2001
From: Marius <Acconut@users.noreply.github.com>
Date: Thu, 22 Feb 2018 21:28:45 +0100
Subject: [PATCH 3/3] Remove unnecessary URL matcher

See https://github.com/tus/tusd/commit/755e892e3039f333f2738d44749e6934af8c189e#r27614413, @kvz and @kiloreux
---
 .infra/kube/tusd-kube.yaml | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/.infra/kube/tusd-kube.yaml b/.infra/kube/tusd-kube.yaml
index cffd91f..9b83ccc 100644
--- a/.infra/kube/tusd-kube.yaml
+++ b/.infra/kube/tusd-kube.yaml
@@ -75,14 +75,6 @@ metadata:
   annotations:
     kubernetes.io/tls-acme: "true"
     kubernetes.io/ingress.class: "nginx"
-    nginx.ingress.kubernetes.io/configuration-snippet: |
-      # Security: Don't allow people to upload html and then have browsers parse it
-                  if ($uri ~ \.(?!(jpe?g|gif|png|webp|webm|mp4|mpg|avi|3gp|wav|mp3))$) {
-                      add_header Content-Type application/octet-stream;
-                      add_header Content-Disposition "attachment; filename=$basename";
-                      add_header X-Download-Options noopen;
-                      add_header X-Content-Type-Options nosniff;
-                  }
     nginx.ingress.kubernetes.io/proxy-body-size: 0m
     nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
     nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
@@ -124,4 +116,4 @@ spec:
     name: tusd
   minReplicas: 1
   maxReplicas: 5
-  targetCPUUtilizationPercentage: 90
\ No newline at end of file
+  targetCPUUtilizationPercentage: 90