Home Esplora Aiuto
Accedi
LBP
/
miniflux_v2
mirror da https://github.com/miniflux/v2.git
4
0
Forka 0
File Problemi 0 Wiki
Albero (Tree): cfc1f3eb69
Rami (Branch) Tag
miniflux_v2
/
middleware
/
common_headers.go

common_headers.go 806 B
Cronologia Originale

12345678910111213141516171819202122232425 
  1. // Copyright 2018 Frédéric Guillot. All rights reserved.
    2. 

  2. // Use of this source code is governed by the Apache 2.0
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package middleware
    6. 

  6. 

  7. import (
    8. 

  8. 	"net/http"
    9. 

  9. )
    10. 

  10. 

  11. // CommonHeaders sends common HTTP headers.
    12. 

  12. func (m *Middleware) CommonHeaders(next http.Handler) http.Handler {
    13. 

  13. 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    14. 

  14. 		w.Header().Set("X-XSS-Protection", "1; mode=block")
    15. 

  15. 		w.Header().Set("X-Content-Type-Options", "nosniff")
    16. 

  16. 		w.Header().Set("X-Frame-Options", "DENY")
    17. 

  17. 		w.Header().Set("Content-Security-Policy", "default-src 'self'; img-src *; media-src *; frame-src *; child-src *")
    18. 

  18. 

  19. 		if m.cfg.IsHTTPS && m.cfg.HasHSTS() {
    20. 

  20. 			w.Header().Set("Strict-Transport-Security", "max-age=31536000")
    21. 

  21. 		}
    22. 

  22. 

  23. 		next.ServeHTTP(w, r)
    24. 

  24. 	})
    25. 

  25. }
    26.