rDrama
/
rDrama
9
10
Fork 7
Code Issues Pull Requests Packages Releases Wiki Activity

fd

remotes/1693045480750635534/spooky-22
Aevann1 2021-08-08 03:05:04 +02:00
parent 3fb2fe0594
commit 8abfc4a92a
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
files/__main__.py
View File

@ -254,15 +254,18 @@ def after_request(response):
print(e)
abort(500)
response.headers.add('Access-Control-Allow-Headers', "Origin, X-Requested-With, Content-Type, Accept, x-auth")
response.headers.remove("Cache-Control")
response.headers.add("Cache-Control", "public, max-age=1800")
response.headers.add("Access-Control-Allow-Origin", app.config["SERVER_NAME"])
response.headers.add('Access-Control-Allow-Headers',
"Origin, X-Requested-With, Content-Type, Accept, x-auth"
)
response.headers.add("Cache-Control",
"maxage=600")
response.headers.add("Strict-Transport-Security", "max-age=31536000")
response.headers.add("Referrer-Policy", "same-origin")
response.headers.add("Feature-Policy", "geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';")
if not request.path.startswith("/embed/"): response.headers.add("X-Frame-Options", "deny")
response.headers.add("Feature-Policy",
"geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; vibrate 'none'; fullscreen 'none'; payment 'none';")
if not request.path.startswith("/embed/"):
response.headers.add("X-Frame-Options",
"deny")
return response