totole/revel-cmd
1
0
Fork 0
mirror of https://github.com/kevin-DL/revel-cmd.git synced 2026-01-23 15:31:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Removed the catch all route, and added comment about security issue

Browse Source
This commit is contained in:
NotZippy
2017-10-22 09:31:18 -07:00
parent 2d4ccf289c
commit 29c6237caf
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
revel/skeleton/app/init.go
View File

@@ -38,9 +38,8 @@ func init() {
}
// HeaderFilter adds common security headers
// TODO turn this into revel.HeaderFilter
// should probably also have a filter for CSRF
// not sure if it can go in the same filter or not
// There is a full implementation of a CSRF filter in
// https://github.com/revel/modules/tree/master/csrf
var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) {
c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN")
c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block")