3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-06 10:21:05 +02:00
Code Issues Projects Releases Packages Wiki Activity

internal/frontend : serve static assets (#392)

Browse source 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
Bobby DeSimone 2019-11-22 17:46:01 -08:00 committed by GitHub
parent f20d913abe
commit ebee64b70b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 700 additions and 502 deletions
Download patch file Download diff file Expand all files Collapse all files

8
internal/httputil/constants.go
View file

@ -7,3 +7,11 @@ const (
// Especially useful when working with single page apps (SPA).
HeaderPomeriumResponse = "x-pomerium-intercepted-response"
)
// HeadersContentSecurityPolicy are the content security headers added to the service's handlers
// by default includes profile photo exceptions for supported identity providers.
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
var HeadersContentSecurityPolicy = map[string]string{
"Content-Security-Policy": "default-src 'none'; style-src 'self'; img-src *;",
"Referrer-Policy": "Same-origin",
}