SCHISANDRA/schisandra-cloud-album
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2024-11-28. You can view files and clone it, but cannot push or open issues or pull requests.
Files
master
schisandra-cloud-album/middleware/security_headers.go
landaiqing 5cc4294268 add session
2024-09-23 13:31:57 +08:00

25 lines
932 B
Go
Raw Permalink Blame History

package middleware
import (
"github.com/gin-gonic/gin"
)
func SecurityHeaders() gin.HandlerFunc {
return func(c *gin.Context) {
//requestHost := c.Request.Host
//if requestHost != global.CONFIG.System.Web {
// result.FailWithMessage(ginI18n.MustGetMessage(c, "IllegalRequests"), c)
// c.Abort()
// return
//}
c.Header("X-Frame-Options", "DENY")
c.Header("Content-Security-Policy", "default-src 'self'; connect-src *; font-src *; script-src-elem * 'unsafe-inline'; img-src * data:; style-src * 'unsafe-inline';")
c.Header("X-XSS-Protection", "1; mode=block")
c.Header("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload")
c.Header("Referrer-Policy", "strict-origin")
c.Header("X-Content-Type-Options", "nosniff")
c.Header("Permissions-Policy", "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()")
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink