Mirrors/linx-server
1
0
Fork 0
mirror of https://github.com/ZizzyDizzyMC/linx-server.git synced 2026-01-23 02:14:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #83 from mutantmonkey/csp_frame_ancestors

Browse source 
Use Content-Security-Policy frame-ancestors
This commit is contained in:
Andrei Marcu 2016-06-05 00:29:13 -07:00
commit 61eb32a79b
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
server.go
View file

@ -215,10 +215,10 @@ func main() {
flag.StringVar(&Config.remoteAuthFile, "remoteauthfile", "",
"path to a file containing newline-separated scrypted auth keys for remote uploads")
flag.StringVar(&Config.contentSecurityPolicy, "contentsecuritypolicy",
"default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer origin;",
"default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; referrer origin;",
"value of default Content-Security-Policy header")
flag.StringVar(&Config.fileContentSecurityPolicy, "filecontentsecuritypolicy",
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; referrer origin;",
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; referrer origin;",
"value of Content-Security-Policy header for file access")
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
"value of X-Frame-Options header")