internal/frontend : serve static assets (#392)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
Bobby DeSimone 2019-11-22 17:46:01 -08:00 committed by GitHub
parent f20d913abe
commit ebee64b70b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 700 additions and 502 deletions


@ -21,21 +21,10 @@ import (
"github.com/pomerium/pomerium/internal/urlutil"
)
// CSPHeaders are the content security headers added to the service's handlers
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
var CSPHeaders = map[string]string{
"Content-Security-Policy": "default-src 'none'; style-src 'self'" +
" 'sha256-z9MsgkMbQjRSLxzAfN55jB3a9pP0PQ4OHFH8b4iDP6s=' " +
" 'sha256-qnVkQSG7pWu17hBhIw0kCpfEB3XGvt0mNRa6+uM6OUU=' " +
" 'sha256-qOdRsNZhtR+htazbcy7guQl3Cn1cqOw1FcE4d3llae0='; " +
"img-src 'self';",
"Referrer-Policy": "Same-origin",
}
// Handler returns the authenticate service's handler chain.
func (a *Authenticate) Handler() http.Handler {
r := httputil.NewRouter()
r.Use(middleware.SetHeaders(CSPHeaders))
r.Use(middleware.SetHeaders(httputil.HeadersContentSecurityPolicy))
r.Use(csrf.Protect(
a.cookieSecret,
csrf.Secure(a.cookieOptions.Secure),
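Review bot: The policy applied in `Handler()` now comes from `httputil.HeadersContentSecurityPolicy`, whose value is not visible in this hunk, so it cannot be confirmed here that it is as strict as the removed `CSPHeaders` map (`default-src 'none'`, hash-pinned `style-src`, `img-src 'self'`, plus `Referrer-Policy`). Because the shared header set is presumably used by more than this service, a comment at the `r.Use(middleware.SetHeaders(...))` line would help, e.g. `// CSP and Referrer-Policy are defined once in httputil; keep default-src 'none' and no 'unsafe-inline' when adding assets`. A handler test asserting that responses still carry both `Content-Security-Policy` and `Referrer-Policy` would catch a regression if the shared map is later loosened for static assets. The `csrf.Protect(` call and the rest of `Handler()` continue past the end of the hunk.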