Browse Source

[webconsole] security hardening headers (closes #1464)

Signed-off-by: r4sas <r4sas@i2pmail.org>
pull/1502/head
R4SAS 5 years ago
parent
commit
b3974cb52a
Signed by: r4sas
GPG Key ID: 66F6C87B98EBCFE2
  1. 2
      daemon/HTTPServer.cpp

2
daemon/HTTPServer.cpp

@ -1141,6 +1141,8 @@ namespace http { @@ -1141,6 +1141,8 @@ namespace http {
void HTTPConnection::SendReply (HTTPRes& reply, std::string& content)
{
reply.add_header("X-Frame-Options", "SAMEORIGIN");
reply.add_header("X-Content-Type-Options", "nosniff");
reply.add_header("X-XSS-Protection", "1; mode=block");
reply.add_header("Content-Type", "text/html");
reply.body = content;

Loading…
Cancel
Save