Skip to content
Snippets Groups Projects
Commit 55968280 authored by Will McCutchen's avatar Will McCutchen
Browse files

Add Content-Security-Policy header to index page

parent bc2cd169
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
httpbin/handlers.go
+ 1
0
View file @ 55968280
...@@ -34,6 +34,7 @@ func (h *HTTPBin) Index(w http.ResponseWriter, r *http.Request) { ...@@ -34,6 +34,7 @@ func (h *HTTPBin) Index(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Not Found", http.StatusNotFound) http.Error(w, "Not Found", http.StatusNotFound)
return return
} }
w.Header().Set("Content-Security-Policy", "default-src 'self'; style-src 'unsafe-inline'")
writeHTML(w, assets.MustAsset("index.html"), http.StatusOK) writeHTML(w, assets.MustAsset("index.html"), http.StatusOK)
} }
......
httpbin/handlers_test.go
+ 1
0
View file @ 55968280
...@@ -64,6 +64,7 @@ func TestIndex(t *testing.T) { ...@@ -64,6 +64,7 @@ func TestIndex(t *testing.T) {
handler.ServeHTTP(w, r) handler.ServeHTTP(w, r)
assertContentType(t, w, htmlContentType) assertContentType(t, w, htmlContentType)
assertHeader(t, w, "Content-Security-Policy", "default-src 'self'; style-src 'unsafe-inline'")
assertBodyContains(t, w, "go-httpbin") assertBodyContains(t, w, "go-httpbin")
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment