Browse Source

Merge pull request #73 from mutantmonkey/workaround_chrome_nonsense

workaround chrome nonsense with CSP
pull/76/head v1.1.9
Andrei Marcu 9 years ago
parent
commit
bc66bcc069
  1. 2
      server.go

2
server.go

@ -201,7 +201,7 @@ func main() {
"default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer origin;",
"value of default Content-Security-Policy header")
flag.StringVar(&Config.fileContentSecurityPolicy, "filecontentsecuritypolicy",
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; referrer origin;",
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; referrer origin;",
"value of Content-Security-Policy header for file access")
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
"value of X-Frame-Options header")

Loading…
Cancel
Save