Bug#1006921: apache2: security.conf can be improved

[Hendrik Jaeger <debian-bugs@henk.geekmail.org>]

Hi

I took your suggestions and prepared some merge requests.

On Tue, 08 Mar 2022 03:10:00 -0600 Daniel Lewart <lewart3@gmail.com> wrote:
> The attached patch improves security.conf (last updated Jun 24, 2015)
> in the following ways:
>   * Change Subversion example to git and improve it

I have changed the subversion example and added the same for git.
https://salsa.debian.org/apache-team/apache2/-/merge_requests/29

>   * Change obsolete X-Frame-Options to Content-Security-Policy

https://salsa.debian.org/apache-team/apache2/-/merge_requests/30
I removed the link to the docs here and …

>   * Add reference URLs to comments

… also here.
IMHO these references should not be part of the config files because keeping them up to date will cause these files to change on production systems which is unnecessary noise.
People can search the Web for these directives and mechanisms or refer to the official Apache HTTPd manual if they need to look something up.

>   * Change indentation from spaces to tabs

Also a merge request:
https://salsa.debian.org/apache-team/apache2/-/merge_requests/32

Related: uncommenting that example:
https://salsa.debian.org/apache-team/apache2/-/merge_requests/33

I’m not really involved in packaging, just currently trying to improve the apache packaging (because I have other things to do but love Productive Procrastination), so I can’t promise that any of this will be merged …

Thanks for your inputs, nevertheless!

henk