Added a Content Security Policy for upgrading insecure images to HTTPS to avoid mixed content warnings.

This commit is contained in:
Azareal 2018-08-30 15:57:07 +10:00
parent 465d5c7835
commit 41c3a5bb4a
1 changed files with 4 additions and 0 deletions

View File

@ -278,6 +278,10 @@ func preRoute(w http.ResponseWriter, r *http.Request) (User, bool) {
}
}
// TODO: Add a config setting to disable this header
// TODO: Have this header cover more things
w.Header().Set("Content-Security-Policy", "upgrade-insecure-requests")
if user == &GuestUser {
usercpy.LastIP = host
return *usercpy, true