From 7b8362014c2506bb944f4c3fc89c49efbfc429e4 Mon Sep 17 00:00:00 2001 From: iliya <iliya.saroukha@hes-so.ch> Date: Sat, 13 Jan 2024 16:06:48 +0100 Subject: [PATCH] fix: updated hashes in headers --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index 1879396..5dbdb49 100644 --- a/main.go +++ b/main.go @@ -27,7 +27,7 @@ func neuter(next http.Handler) http.Handler { func securityHeaders(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // w.Header().Set("Content-Security-Policy", "default-src 'self' md-block.verou.me polyfill.io cdn.jsdelivr.net cdnjs.cloudflare.com cdnjs.com; style-src 'unsafe-inline' 'self' use.fontawesome.com cdnjs.cloudflare.com fonts.googleapis.com cdn.jsdelivr.net; font-src 'self' cdn.jsdelivr.net fonts.gstatic.com cdnjs.cloudflare.com; img-src 'self' data:;") - w.Header().Set("Content-Security-Policy", "default-src 'self'; style-src 'unsafe-inline' 'self' use.fontawesome.com cdnjs.cloudflare.com fonts.googleapis.com cdn.jsdelivr.net; font-src 'self' cdn.jsdelivr.net fonts.gstatic.com cdnjs.cloudflare.com; img-src 'self' data:; script-src md-block.verou.me polyfill.io cdn.jsdelivr.net cdnjs.cloudflare.com cdnjs.com 'sha384-I7hpstL3JZSvqmvrdu4dtRJdQVq05DXy+3i+cRxs7r6no2IqmTMV/KoOb1xUxXU9' 'sha384-TuWVYSTdx2stmLQgXnI5zlGVS+9s7dleDGxmfNhZukw82+GPQ7kRkVZKGuWtxVkP' 'sha384-tx+BAjWAc7um+Tn14q8wa5FGi5XpV8gPZ3Rm3AXYVIfvtggl2YvkM+NpIRaM+0a7' 'sha384-Z2NWi0grbE5QoxQNrdzqRklcdjkuZPtG08Tt/npaX+Cs8IICCiGw8/nyf/1KjsBF' 'sha384-ugweC/kAs9x+OyLL8KgSLbINUovPSHZvkShmFj+xFOi+uvEWDFRnOVZm5+1gWJ7r' 'sha384-EAvYp0YNvL2lBbToDbFTIrcJRDsZomMl8ILxDm9G7q2YIqWFWIjy9jmzhjJkfQ/f';") + w.Header().Set("Content-Security-Policy", "default-src 'self'; style-src 'unsafe-inline' 'self' use.fontawesome.com cdnjs.cloudflare.com fonts.googleapis.com cdn.jsdelivr.net; font-src 'self' cdn.jsdelivr.net fonts.gstatic.com cdnjs.cloudflare.com; img-src 'self' data:; script-src md-block.verou.me polyfill.io cdn.jsdelivr.net cdnjs.cloudflare.com cdnjs.com 'sha384-uFK0uuuZ/1YIUwmUaiHHnl/+hm9SBZNax6A/JnhCBVtDXeku6kpoNTwRg/63E9OZ' 'sha384-Hj9Zg/2obOOm4nZ1T2Q7ptp+fYPKAgl98aaV58MOcfT5hko1L3BpRO7JBWwcre2u' 'sha384-57wT0maCBkc9SUiinG+6D34xtc0KNsctQBxmj13cH2Rgr8SRsbM7KEIG8qNnokTR' 'sha384-RCmUeGDm/0z7qjkMPO++90GnVpv4BPGiE4TdrRbppw0DHPLAwxKRfrv+517imnEk' 'sha384-RCmUeGDm/0z7qjkMPO++90GnVpv4BPGiE4TdrRbppw0DHPLAwxKRfrv+517imnEk' 'sha384-prkjKY6BK8S+/cssiOWBYWjD6jNXAQZ/37WZhrzC+i1IgDNvWYUpEgT54Hofpny3' 'sha384-X6fFs+33RbaLB2QyQKhODqTpovExqXBBIHr/1QvS6UrZRwvkb9EfCjtOnZH6FXaD';") w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains") w.Header().Set("X-Content-Type-Options", "nosniff") w.Header().Set("X-Frame-Options", "DENY") -- GitLab