2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00

Add a number of security headers

There are a number of headers security scanners expect.
Explicitly declare how strict browser should be with
responses.
This commit is contained in:
Jarrod Johnson 2016-10-13 11:08:05 -04:00
parent 70762d3f6c
commit 7557136d5d

View File

@ -369,7 +369,12 @@ def resourcehandler_backend(env, start_response):
"""Function to handle new wsgi requests
"""
mimetype, extension = _pick_mimetype(env)
headers = [('Content-Type', mimetype), ('Cache-Control', 'no-cache')]
headers = [('Content-Type', mimetype), ('Cache-Control', 'no-cache'),
('X-Content-Type-Options', 'nosniff'),
('Content-Security-Policy', "default-src 'self'"),
('X-XSS-Protection', '1'), ('X-Frame-Options', 'deny'),
('Strict-Transport-Security', 'max-age=86400'),
('X-Permitted-Cross-Domain-Policies', 'none')]
reqbody = None
reqtype = None
if 'CONTENT_LENGTH' in env and int(env['CONTENT_LENGTH']) > 0: