echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Console: Add X-Content-Type-Options header everywhere (ticket #1763)

Browse Source
This commit is contained in:
zzz
2016-02-25 14:56:06 +00:00
parent a79b25d7b1
commit 248deaecbb
22 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/i2psnark/java/src/org/klomp/snark/web/BasicServlet.java
View File

@ -378,7 +378,7 @@ class BasicServlet extends HttpServlet
{
if (content.getContentType()!=null && response.getContentType()==null)
response.setContentType(content.getContentType());
response.setHeader("X-Content-Type-Options", "nosniff");
long lml = content.getLastModified();
if (lml > 0)
response.setDateHeader("Last-Modified",lml);
@ -394,7 +394,6 @@ class BasicServlet extends HttpServlet
long ct = content.getCacheTime();
if (ct>=0)
response.setHeader("Cache-Control", "public, max-age=" + ct);
}
/* ------------------------------------------------------------ */

1
apps/i2psnark/java/src/org/klomp/snark/web/I2PSnarkServlet.java
View File

@ -379,6 +379,7 @@ public class I2PSnarkServlet extends BasicServlet {
resp.setHeader("Pragma", "no-cache");
resp.setHeader("X-Frame-Options", "SAMEORIGIN");
resp.setHeader("X-XSS-Protection", "1; mode=block");
resp.setHeader("X-Content-Type-Options", "nosniff");
}
private void writeMessages(PrintWriter out, boolean isConfigure, String peerString) throws IOException {