mirror of
https://gitea.invidious.io/iv-org/invidious-copy-2022-04-11.git
synced 2024-08-15 00:43:26 +00:00
Add X-XSS-Protection and X-Content-Type-Options
This commit is contained in:
parent
e590d39aa9
commit
e6d2166bac
1 changed files with 3 additions and 0 deletions
|
@ -106,6 +106,9 @@ spawn do
|
||||||
end
|
end
|
||||||
|
|
||||||
before_all do |env|
|
before_all do |env|
|
||||||
|
env.response.headers["X-XSS-Protection"] = "1; mode=block;"
|
||||||
|
env.response.headers["X-Content-Type-Options"] = "nosniff"
|
||||||
|
|
||||||
if env.request.cookies.has_key? "SID"
|
if env.request.cookies.has_key? "SID"
|
||||||
headers = HTTP::Headers.new
|
headers = HTTP::Headers.new
|
||||||
headers["Cookie"] = env.request.headers["Cookie"]
|
headers["Cookie"] = env.request.headers["Cookie"]
|
||||||
|
|
Loading…
Reference in a new issue