x/web-app-template
Archived
Template
2
0
Fork 0
Code Issues 13 Pull Requests 4 Actions Packages Activity

feat(security): #273 enable corp
All checks were successful
Build Docker Image / Build-Docker-Image (push) Successful in 40s
Details
Build and Push Docker Image / Build-And-Push-Docker-Image (push) Successful in 43s
Details

Browse Source
This commit was merged in pull request #276.
This commit is contained in:
Tim Wundenberg
2024-11-23 21:26:22 +01:00
parent ae32bf7232
commit 6a36eb0580
2 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
handler/default.go
View File

@@ -39,5 +39,7 @@ func GetHandler(d *sql.DB, serverSettings *types.ServerSettings) http.Handler {
router,
middleware.Log,
middleware.ContentSecurityPolicy,
middleware.Cors(serverSettings))
middleware.Cors(serverSettings),
middleware.Corp,
)
}

13
middleware/corp.go Normal file
View File

@@ -0,0 +1,13 @@
package middleware
import (
"net/http"
)
func Corp(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cross-Origin-Resource-Policy", "same-origin")
next.ServeHTTP(w, r)
})
}