mirrors/rimgo
1
0
Fork 0
mirror of https://codeberg.org/video-prize-ranch/rimgo.git synced 2025-12-14 12:15:22 +00:00
Code Issues Projects Releases Wiki Activity

Improve CSP and security headers (closes #74)

Browse Source
This commit is contained in:
video-prize-ranch
2022-11-18 12:08:18 -05:00
parent 10289cde51
commit 5c2962d34d
5 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pages/frontpage.go
View File

@@ -11,7 +11,7 @@ func HandleFrontpage(c *fiber.Ctx) error {
utils.SetHeaders(c)
c.Set("X-Frame-Options", "DENY")
c.Set("Cache-Control", "public,max-age=31557600")
c.Set("Content-Security-Policy", "default-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
c.Set("Content-Security-Policy", "default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; style-src 'self'; img-src 'self'; manifest-src 'self'; block-all-mixed-content")
return c.Render("frontpage", fiber.Map{
"proto": c.Protocol(),