mirror of
https://github.com/janeczku/calibre-web
synced 2024-12-01 05:49:58 +00:00
Revert the tolino stuff
This commit is contained in:
parent
a761017116
commit
8f743b70a4
10
cps/web.py
10
cps/web.py
@ -129,12 +129,10 @@ if feature_support['ldap']:
|
|||||||
@app.after_request
|
@app.after_request
|
||||||
def add_security_headers(resp):
|
def add_security_headers(resp):
|
||||||
# resp.headers['Content-Security-Policy']= "script-src 'self' https://www.googleapis.com https://api.douban.com https://comicvine.gamespot.com;"
|
# resp.headers['Content-Security-Policy']= "script-src 'self' https://www.googleapis.com https://api.douban.com https://comicvine.gamespot.com;"
|
||||||
if "tolino" not in request.headers.get('User-Agent'):
|
resp.headers['X-Content-Type-Options'] = 'nosniff'
|
||||||
resp.headers['X-Content-Type-Options'] = 'nosniff'
|
resp.headers['X-Frame-Options'] = 'SAMEORIGIN'
|
||||||
resp.headers['X-Frame-Options'] = 'SAMEORIGIN'
|
resp.headers['X-XSS-Protection'] = '1; mode=block'
|
||||||
resp.headers['X-XSS-Protection'] = '1; mode=block'
|
resp.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
|
||||||
resp.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
|
|
||||||
log.debug(request.full_path)
|
|
||||||
log.debug(request.headers)
|
log.debug(request.headers)
|
||||||
return resp
|
return resp
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user