chiu
/
filebrowser
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

chore: add Content-Security-Policy header

This commit is contained in:
Oleg Lobanov 2021-07-26 11:08:39 +02:00
parent f2b5dd3787
commit 201329abce
No known key found for this signature in database
GPG Key ID: 7CC64E41212621B0
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
http/http.go
View File

@ -25,6 +25,12 @@ func NewHandler(
server.Clean() server.Clean()
r := mux.NewRouter() r := mux.NewRouter()
r.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Security-Policy", `default-src 'self'`)
next.ServeHTTP(w, r)
})
})
index, static := getStaticHandlers(store, server, assetsFs) index, static := getStaticHandlers(store, server, assetsFs)
// NOTE: This fixes the issue where it would redirect if people did not put a // NOTE: This fixes the issue where it would redirect if people did not put a