mirror/PrivateCaptcha
1
0
Fork 0
mirror of https://github.com/PrivateCaptcha/PrivateCaptcha.git synced 2026-02-08 06:49:44 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add crossorigin attribute to portal scripts. related PrivateCaptcha/issues#206

Browse Source
This commit is contained in:
Taras Kushnir
2025-11-11 09:55:32 +02:00
parent 26f812c352
commit a016ef1a2b
6 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/common/middlewares.go
View File

@@ -35,6 +35,9 @@ var (
http.CanonicalHeaderKey("X-Frame-Options"): []string{"DENY"},
http.CanonicalHeaderKey("X-Content-Type-Options"): []string{"nosniff"},
}
CorsAllowAllHeaders = map[string][]string{
HeaderAccessControlOrigin: []string{"*"},
}
HtmlContentHeaders = map[string][]string{
http.CanonicalHeaderKey(HeaderContentType): []string{ContentTypeHTML},
}

1
web/build.go
View File

@@ -37,6 +37,7 @@ func Static(gitHash string) http.HandlerFunc {
common.WriteHeaders(w, common.CachedHeaders)
common.WriteHeaders(w, common.SecurityHeaders)
common.WriteHeaders(w, common.CorsAllowAllHeaders)
common.WriteHeaders(w, etagHeaders)
srv.ServeHTTP(w, r)
}

6
web/layouts/_default/default-scripts.html
View File

@@ -1,6 +1,6 @@
<script defer src="{{$.Ctx.CDN}}/portal/js/alpine.min.js"></script>
<script defer src="{{$.Ctx.CDN}}/portal/js/htmx.min.js"></script>
<script src="{{$.Ctx.CDN}}/portal/js/bundle.js"></script>
<script defer src="{{$.Ctx.CDN}}/portal/js/alpine.min.js" crossorigin="anonymous"></script>
<script defer src="{{$.Ctx.CDN}}/portal/js/htmx.min.js" crossorigin="anonymous"></script>
<script src="{{$.Ctx.CDN}}/portal/js/bundle.js" crossorigin="anonymous"></script>
{{ if $.Ctx.LoggedIn }}
<script type="text/javascript">
ErrorTracker.init({

2
web/layouts/portal/scripts.html
View File

@@ -1,4 +1,4 @@
{{define "scripts"}}
<script defer src="{{$.Ctx.CDN}}/portal/js/alpine.persist.min.js"></script>
<script defer src="{{$.Ctx.CDN}}/portal/js/alpine.persist.min.js" crossorigin="anonymous"></script>
{{template "default-scripts.html" .}}
{{end}}

4
web/layouts/property/scripts.html
View File

@@ -1,6 +1,6 @@
{{define "scripts"}}
<script defer src="{{$.Ctx.CDN}}/portal/js/d3.v7.min.js" type="text/javascript" charset="utf-8"></script>
<script defer src="{{$.Ctx.CDN}}/widget/js/privatecaptcha.js" type="text/javascript" charset="utf-8"></script>
<script defer src="{{$.Ctx.CDN}}/portal/js/d3.v7.min.js" type="text/javascript" charset="utf-8" crossorigin="anonymous"></script>
<script defer src="{{$.Ctx.CDN}}/widget/js/privatecaptcha.js" type="text/javascript" charset="utf-8" crossorigin="anonymous"></script>
{{template "default-scripts.html" .}}
<script>

1
widget/build.go
View File

@@ -30,6 +30,7 @@ func Static(gitHash string) http.HandlerFunc {
}
common.WriteHeaders(w, common.CachedHeaders)
common.WriteHeaders(w, common.CorsAllowAllHeaders)
common.WriteHeaders(w, etagHeaders)
srv.ServeHTTP(w, r)
}