diff options
| author | Omar Roth <omarroth@hotmail.com> | 2018-09-05 21:51:40 -0500 |
|---|---|---|
| committer | Omar Roth <omarroth@hotmail.com> | 2018-09-05 21:51:40 -0500 |
| commit | e6d2166bacf9398930020025e77ba6a2209d502e (patch) | |
| tree | cf4f9805298a83de7f85ddbfdc7fd1503acbc324 | |
| parent | e590d39aa9a29577ad21c5d0bcf29f39cd9709f2 (diff) | |
| download | invidious-e6d2166bacf9398930020025e77ba6a2209d502e.tar.gz invidious-e6d2166bacf9398930020025e77ba6a2209d502e.tar.bz2 invidious-e6d2166bacf9398930020025e77ba6a2209d502e.zip | |
Add X-XSS-Protection and X-Content-Type-Options
| -rw-r--r-- | src/invidious.cr | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/invidious.cr b/src/invidious.cr index 433c84c7..8fa9f581 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -106,6 +106,9 @@ spawn do end before_all do |env| + env.response.headers["X-XSS-Protection"] = "1; mode=block;" + env.response.headers["X-Content-Type-Options"] = "nosniff" + if env.request.cookies.has_key? "SID" headers = HTTP::Headers.new headers["Cookie"] = env.request.headers["Cookie"] |