dcarrillo/whatismyip
1
0
Fork 0
mirror of https://github.com/dcarrillo/whatismyip.git synced 2025-07-01 19:49:27 +00:00
Code Issues Projects Releases Wiki Activity

Add optional secure headers to responses

Browse Source
This commit is contained in:
Daniel Carrillo
2022-04-02 18:10:48 +02:00
parent aae2e08240
commit 12da27ddab
4 changed files with 69 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
cmd/whatismyip.go
View File

@ -17,6 +17,7 @@ import (
"github.com/dcarrillo/whatismyip/router"
"github.com/gin-gonic/gin"
"github.com/unrolled/secure"
)
var (
@ -138,6 +139,28 @@ func setupEngine() {
engine = gin.New()
engine.Use(gin.LoggerWithFormatter(httputils.GetLogFormatter))
engine.Use(gin.Recovery())
if setting.App.EnableSecureHeaders {
engine.Use(addSecureHeaders())
}
_ = engine.SetTrustedProxies(nil)
engine.TrustedPlatform = setting.App.TrustedHeader
}
func addSecureHeaders() gin.HandlerFunc {
return func(c *gin.Context) {
err := secure.New(secure.Options{
BrowserXssFilter: true,
ContentTypeNosniff: true,
FrameDeny: true,
}).Process(c.Writer, c.Request)
if err != nil {
c.Abort()
return
}
// Avoid header rewrite if response is a redirection.
if status := c.Writer.Status(); status > 300 && status < 399 {
c.Abort()
}
}
}