Allow embedding embeds
This commit is contained in:
parent
95eaf959b0
commit
be349ec9d9
|
@ -9,6 +9,7 @@ import (
|
||||||
|
|
||||||
func HandleFrontpage(c *fiber.Ctx) error {
|
func HandleFrontpage(c *fiber.Ctx) error {
|
||||||
utils.SetHeaders(c)
|
utils.SetHeaders(c)
|
||||||
|
c.Set("X-Frame-Options", "DENY")
|
||||||
c.Set("Cache-Control", "public,max-age=31557600")
|
c.Set("Cache-Control", "public,max-age=31557600")
|
||||||
c.Set("Content-Security-Policy", "default-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
c.Set("Content-Security-Policy", "default-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,7 @@ import (
|
||||||
|
|
||||||
func HandlePost(c *fiber.Ctx) error {
|
func HandlePost(c *fiber.Ctx) error {
|
||||||
utils.SetHeaders(c)
|
utils.SetHeaders(c)
|
||||||
|
c.Set("X-Frame-Options", "DENY")
|
||||||
c.Set("Content-Security-Policy", "default-src 'none'; media-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
c.Set("Content-Security-Policy", "default-src 'none'; media-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
||||||
|
|
||||||
post, err := types.Album{}, error(nil)
|
post, err := types.Album{}, error(nil)
|
||||||
|
|
|
@ -10,6 +10,7 @@ import (
|
||||||
|
|
||||||
func HandleTag(c *fiber.Ctx) error {
|
func HandleTag(c *fiber.Ctx) error {
|
||||||
utils.SetHeaders(c)
|
utils.SetHeaders(c)
|
||||||
|
c.Set("X-Frame-Options", "DENY")
|
||||||
c.Set("Cache-Control", "public,max-age=604800")
|
c.Set("Cache-Control", "public,max-age=604800")
|
||||||
c.Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline' 'self'; media-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
c.Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline' 'self'; media-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
|
|
||||||
func HandleUser(c *fiber.Ctx) error {
|
func HandleUser(c *fiber.Ctx) error {
|
||||||
utils.SetHeaders(c)
|
utils.SetHeaders(c)
|
||||||
|
c.Set("X-Frame-Options", "DENY")
|
||||||
c.Set("Cache-Control", "public,max-age=604800")
|
c.Set("Cache-Control", "public,max-age=604800")
|
||||||
c.Set("Content-Security-Policy", "default-src 'none'; media-src 'self'; style-src 'unsafe-inline' 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
c.Set("Content-Security-Policy", "default-src 'none'; media-src 'self'; style-src 'unsafe-inline' 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content")
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,6 @@ package utils
|
||||||
import "github.com/gofiber/fiber/v2"
|
import "github.com/gofiber/fiber/v2"
|
||||||
|
|
||||||
func SetHeaders(c *fiber.Ctx) {
|
func SetHeaders(c *fiber.Ctx) {
|
||||||
c.Set("X-Frame-Options", "DENY")
|
|
||||||
c.Set("Referrer-Policy", "no-referrer")
|
c.Set("Referrer-Policy", "no-referrer")
|
||||||
c.Set("X-Content-Type-Options", "nosniff")
|
c.Set("X-Content-Type-Options", "nosniff")
|
||||||
c.Set("X-Robots-Tag", "noindex, noimageindex, nofollow")
|
c.Set("X-Robots-Tag", "noindex, noimageindex, nofollow")
|
||||||
|
|
Loading…
Reference in New Issue