Mirrors/photoprism
1
0
Fork 0
mirror of https://github.com/photoprism/photoprism.git synced 2026-01-23 10:26:03 +00:00
Code Issues Projects Releases Wiki Activity
photoprism/pkg/header/security.go
Michael Mayer 9b8086b91c HTTP: Add additional header names, values, and policies to /pkg/header 
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-11-07 14:11:39 +01:00

28 lines
1.5 KiB
Go
Raw Permalink Blame History

package header
// HTTP/HTTPS security headers.
const (
StrictTransportSecurity = "Strict-Transport-Security" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
ContentSecurityPolicy = "Content-Security-Policy" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
CrossOriginOpenerPolicy = "Cross-Origin-Opener-Policy" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy
ReferrerPolicy = "Referrer-Policy" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
ContentTypeOptions = "X-Content-Type-Options" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
XSSProtection = "X-XSS-Protection" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
FrameOptions = "X-Frame-Options" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
ForwardedProto = "X-Forwarded-Proto" // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
)
// Standard security policies.
const (
PolicyDeny = "DENY"
PolicyNoSniff = "nosniff"
PolicyBlockXSS = "1; mode=block"
PolicySameOrigin = "same-origin"
PolicyFrameAncestorsNone = "frame-ancestors 'none';"
)
// Security header default policies.
var (
DefaultContentSecurityPolicy = PolicyFrameAncestorsNone
DefaultFrameOptions = PolicyDeny
)
Reference in a new issue View git blame Copy permalink