Added a Content Security Policy for upgrading insecure images to HTTPS to avoid mixed content warnings.
This commit is contained in:
parent
465d5c7835
commit
41c3a5bb4a
|
@ -278,6 +278,10 @@ func preRoute(w http.ResponseWriter, r *http.Request) (User, bool) {
|
|||
}
|
||||
}
|
||||
|
||||
// TODO: Add a config setting to disable this header
|
||||
// TODO: Have this header cover more things
|
||||
w.Header().Set("Content-Security-Policy", "upgrade-insecure-requests")
|
||||
|
||||
if user == &GuestUser {
|
||||
usercpy.LastIP = host
|
||||
return *usercpy, true
|
||||
|
|
Loading…
Reference in New Issue