탐색 도움말
로그인
LBP
/
miniflux_v2
의 미러 https://github.com/miniflux/v2.git
4
0
포크 0
파일 이슈 0 위키
트리: 2.2.16
브랜치 태그
miniflux_v2
/
internal
/
http
/
response
/
response.go

response.go 906 B
고유링크 히스토리 Raw

1234567891011121314 
  1. // SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
    2. 

  2. // SPDX-License-Identifier: Apache-2.0
    3. 

  3. 

  4. package response // import "miniflux.app/v2/internal/http/response"
    5. 

  5. 

  6. // ContentSecurityPolicyForUntrustedContent is the default CSP for untrusted content.
    7. 

  7. // default-src 'none' disables all content sources
    8. 

  8. // form-action 'none' disables all form submissions
    9. 

  9. // sandbox enables a sandbox for the requested resource
    10. 

  10. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
    11. 

  11. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action
    12. 

  12. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
    13. 

  13. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src
    14. 

  14. const ContentSecurityPolicyForUntrustedContent = `default-src 'none'; form-action 'none'; sandbox;`
    15.