Fix typo in X-XSS-Protection

This commit is contained in:
Omar Roth 2019-05-10 16:48:38 -05:00
parent d93df15eff
commit 7cd66e20d0
No known key found for this signature in database
GPG Key ID: B8254FB7EC3D37F2

View File

@ -188,7 +188,7 @@ proxies = PROXY_LIST
before_all do |env| before_all do |env|
host_url = make_host_url(config, Kemal.config) host_url = make_host_url(config, Kemal.config)
env.response.headers["X-XSS-Protection"] = "1; mode=block;" env.response.headers["X-XSS-Protection"] = "1; mode=block"
env.response.headers["X-Content-Type-Options"] = "nosniff" env.response.headers["X-Content-Type-Options"] = "nosniff"
env.response.headers["Content-Security-Policy"] = "default-src blob: data: 'self' #{host_url} 'unsafe-inline' 'unsafe-eval'; media-src blob: 'self' #{host_url} https://*.googlevideo.com:443" env.response.headers["Content-Security-Policy"] = "default-src blob: data: 'self' #{host_url} 'unsafe-inline' 'unsafe-eval'; media-src blob: 'self' #{host_url} https://*.googlevideo.com:443"
env.response.headers["Referrer-Policy"] = "same-origin" env.response.headers["Referrer-Policy"] = "same-origin"