Mercurial > gemma
diff pkg/middleware/jsonhandler.go @ 4829:f4ec3558460e
Set some nosniff http headers.
| author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|---|---|
| date | Wed, 06 Nov 2019 18:00:50 +0100 |
| parents | 4394daeea96a |
| children | 5f47eeea988d |
line wrap: on
line diff
--- a/pkg/middleware/jsonhandler.go Tue Nov 05 14:31:22 2019 +0100 +++ b/pkg/middleware/jsonhandler.go Wed Nov 06 18:00:50 2019 +0100 @@ -183,6 +183,8 @@ if jr.Code != http.StatusNoContent { rw.Header().Set("Content-Type", "application/json") } + rw.Header().Set("X-Content-Type-Options", "nosniff") + rw.WriteHeader(jr.Code) if jr.Code != http.StatusNoContent { var err error @@ -201,6 +203,7 @@ // with a given HTTP status code. func SendJSON(rw http.ResponseWriter, code int, data interface{}) { rw.Header().Set("Content-Type", "application/json") + rw.Header().Set("X-Content-Type-Options", "nosniff") rw.WriteHeader(code) if err := json.NewEncoder(rw).Encode(data); err != nil { log.Printf("error: %v\n", err)