iv-org/instances-api
1
0
Fork 0
mirror of https://github.com/iv-org/instances-api.git synced 2025-05-10 18:45:13 -04:00
Code Issues Projects Releases Packages Wiki Activity

Add security headers

Browse source
This commit is contained in:
Omar Roth 2019-09-04 22:05:25 -04:00
parent 798b2c282f
commit 047d53bfb1
No known key found for this signature in database
GPG key ID: B8254FB7EC3D37F2
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/instances.cr
View file

@ -81,6 +81,13 @@ spawn do
end
end
before_all do |env|
env.response.headers["X-XSS-Protection"] = "1; mode=block"
env.response.headers["X-Content-Type-Options"] = "nosniff"
env.response.headers["Referrer-Policy"] = "same-origin"
env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
end
get "/" do |env|
sort_by = env.params.query["sort_by"]?
sort_by ||= "users-reverse"