tfgrid/projectmycelium
11
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add default Content-Security-Policy header to middleware

Browse Source
This commit is contained in:
mik-tf
2025-09-06 09:44:17 -04:00
parent 07a63cd6d7
commit ee6034b752
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/middleware/mod.rs
View File

@@ -126,6 +126,15 @@ where
);
}
if !headers.contains_key(actix_web::http::header::CONTENT_SECURITY_POLICY) {
let _ = headers.insert(
actix_web::http::header::CONTENT_SECURITY_POLICY,
actix_web::http::header::HeaderValue::from_static(
"default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; frame-ancestors 'none'"
),
);
}
Ok(res)
})
}