Mercurial > gemma
annotate pkg/middleware/nosniff.go @ 5710:37c8feeecb4d
Merged branch sr-v2 into default.
| author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|---|---|
| date | Tue, 20 Feb 2024 21:28:56 +0100 |
| parents | 1222b777f51f |
| children |
| rev | line source |
|---|---|
|
5283
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
1 // This is Free Software under GNU Affero General Public License v >= 3.0 |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 // without warranty, see README.md and license for details. |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 // |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
4 // SPDX-License-Identifier: AGPL-3.0-or-later |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
5 // License-Filename: LICENSES/AGPL-3.0.txt |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
6 // |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
7 // Copyright (C) 2020 by via donau |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
8 // – Österreichische Wasserstraßen-Gesellschaft mbH |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
9 // Software engineering by Intevation GmbH |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
10 // |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
11 // Author(s): |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
12 // * Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
13 |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
14 package middleware |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
15 |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
16 import "net/http" |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
17 |
|
5601
1222b777f51f
Made golint finally happy.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
5283
diff
changeset
|
18 // NoSniff returns a wrapper middleware which adds |
|
1222b777f51f
Made golint finally happy.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
5283
diff
changeset
|
19 // sameorigin and nosniff headers to the delivered response. |
|
5283
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
20 func NoSniff(next http.Handler) http.Handler { |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
21 return http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) { |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
22 res.Header().Set("X-Frame-Options", "sameorigin") |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
23 res.Header().Set("X-Content-Type-Options", "nosniff") |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
24 next.ServeHTTP(res, req) |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
25 }) |
|
fdbc28a71691
Made setting of No Sniff headers for served files a reusable middleware.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
26 } |