mirrors/calibre-web
1
0
Fork 0
mirror of https://github.com/janeczku/calibre-web synced 2024-11-28 20:39:59 +00:00
Code Issues Releases Wiki Activity

Revert the tolino stuff

Browse Source
This commit is contained in:
Ozzieisaacs 2020-09-22 20:25:58 +02:00
parent a761017116
commit 8f743b70a4
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cps/web.py
View File

@ -129,12 +129,10 @@ if feature_support['ldap']:
@app.after_request @app.after_request
def add_security_headers(resp): def add_security_headers(resp):
# resp.headers['Content-Security-Policy']= "script-src 'self' https://www.googleapis.com https://api.douban.com https://comicvine.gamespot.com;" # resp.headers['Content-Security-Policy']= "script-src 'self' https://www.googleapis.com https://api.douban.com https://comicvine.gamespot.com;"
if "tolino" not in request.headers.get('User-Agent'): resp.headers['X-Content-Type-Options'] = 'nosniff'
resp.headers['X-Content-Type-Options'] = 'nosniff' resp.headers['X-Frame-Options'] = 'SAMEORIGIN'
resp.headers['X-Frame-Options'] = 'SAMEORIGIN' resp.headers['X-XSS-Protection'] = '1; mode=block'
resp.headers['X-XSS-Protection'] = '1; mode=block' resp.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
resp.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
log.debug(request.full_path)
log.debug(request.headers) log.debug(request.headers)
return resp return resp