vic/filebrozer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: xss vulnerability in /api/raw (#2570) (#2572)

Browse Source
This commit is contained in:
Anchit Bajaj
2023-07-27 15:12:27 +05:30
committed by GitHub
parent ff4375cf6c
commit b508ac3d4f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
http/raw.go
View File

@@ -207,7 +207,7 @@ func rawFileHandler(w http.ResponseWriter, r *http.Request, file *files.FileInfo
defer fd.Close()
setContentDisposition(w, r, file)
w.Header().Add("Content-Security-Policy", `script-src 'none';`)
w.Header().Set("Cache-Control", "private")
http.ServeContent(w, r, file.Name, file.ModTime, fd)
return 0, nil