From 0e33d1b372caa8d742a088bee0b4cab5cfceca9b Mon Sep 17 00:00:00 2001
From: Emilien Mantel <emilien.mantel@debianiste.org>
Date: Thu, 9 Feb 2017 12:03:14 +0100
Subject: [PATCH] Auto quote headers values

---
 templates/etc/nginx/sites-available/_base.j2 | 2 +-
 vars/main.yml                                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/etc/nginx/sites-available/_base.j2 b/templates/etc/nginx/sites-available/_base.j2
index 1bb8aca..d495b13 100644
--- a/templates/etc/nginx/sites-available/_base.j2
+++ b/templates/etc/nginx/sites-available/_base.j2
@@ -69,7 +69,7 @@ server {
 {% block template_headers %}
 	# --> Custom headers
 {% for key, value in __headers.iteritems() %}
-	add_header {{ key }} {{ value | replace(' always', '') }}{% if nginx_version.stdout | version_compare('1.7.5', 'ge') and ' always' in value %} always{% endif %};
+	add_header {{ key }} "{{ value | replace(' always', '') }}"{% if nginx_version.stdout | version_compare('1.7.5', 'ge') and ' always' in value %} always{% endif %};
 {% endfor %}
 	# <-- Custom headers
 {% endblock %}
diff --git a/vars/main.yml b/vars/main.yml
index f7a8966..a8587d3 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -42,7 +42,7 @@ nginx_templates_no_dir:
 nginx_servers_default_headers:
   'X-Frame-Options': 'DENY always'
   'X-Content-Type-Options': 'nosniff always'
-  'X-XSS-Protection': '"1; mode=block"'
+  'X-XSS-Protection': '1; mode=block'
 
 nginx_upstream_php56: 'php56'
 nginx_upstream_php70: 'php70'