diff options
| author | Matheus Mosca <42419282+matheusmosca@users.noreply.github.com> | 2020-11-11 01:17:43 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-11-11 12:17:43 +0800 |
| commit | 997ba0fef01cc5ea69de1be7e997c7b7e184dd52 (patch) | |
| tree | eda04450c549a1de9c2564db1bf8ec620f033e64 /internal/context/context.go | |
| parent | 6f735cc2dade8c24c66f2c131f26334784de6139 (diff) | |
context: add X-Frame-Options header (#6411)
Co-authored-by: ᴜɴᴋɴᴡᴏɴ <u@gogs.io>
Diffstat (limited to 'internal/context/context.go')
| -rw-r--r-- | internal/context/context.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/internal/context/context.go b/internal/context/context.go index 55c94c59..da967b11 100644 --- a/internal/context/context.go +++ b/internal/context/context.go @@ -289,6 +289,7 @@ func Contexter() macaron.Handler { // 🚨 SECURITY: Prevent MIME type sniffing in some browsers, // see https://github.com/gogs/gogs/issues/5397 for details. c.Header().Set("X-Content-Type-Options", "nosniff") + c.Header().Set("X-Frame-Options", "DENY") ctx.Map(c) } |