mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-01-04 11:19:39 -06:00
bdbba929d0
* feat: add CSP and other security related headers in the oCIS proxy service * fix: consolidate security related headers - drop middleware.Secure * fix: use github.com/DeepDiver1975/secure * fix: acceptance tests * feat: support env var replacements in csp.yaml
14 lines
355 B
Go
14 lines
355 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
)
|
|
|
|
// SilentRefresh allows the oidc client lib to silently refresh the token in an iframe
|
|
func SilentRefresh(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("Content-Security-Policy", "frame-ancestors 'self'")
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|