a/gosora
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added a Content Security Policy for upgrading insecure images to HTTPS to avoid mixed content warnings.

Browse Source
This commit is contained in:
Azareal 2018-08-30 15:57:07 +10:00
parent 465d5c7835
commit 41c3a5bb4a
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
common/routes_common.go
View File

@ -278,6 +278,10 @@ func preRoute(w http.ResponseWriter, r *http.Request) (User, bool) {
} }
} }
// TODO: Add a config setting to disable this header
// TODO: Have this header cover more things
w.Header().Set("Content-Security-Policy", "upgrade-insecure-requests")
if user == &GuestUser { if user == &GuestUser {
usercpy.LastIP = host usercpy.LastIP = host
return *usercpy, true return *usercpy, true