parent
2be240767c
commit
f988123820
@ -128,15 +128,6 @@ if CONFIG.geo_bypass
|
|||||||
end
|
end
|
||||||
|
|
||||||
before_all do |env|
|
before_all do |env|
|
||||||
if CONFIG.domains && env.request.headers["Origin"]?
|
|
||||||
origin = env.request.headers["Origin"]
|
|
||||||
domains = CONFIG.domains.not_nil!
|
|
||||||
|
|
||||||
if !domains.includes? origin
|
|
||||||
halt env, status_code: 403
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
env.response.headers["X-XSS-Protection"] = "1; mode=block;"
|
env.response.headers["X-XSS-Protection"] = "1; mode=block;"
|
||||||
env.response.headers["X-Content-Type-Options"] = "nosniff"
|
env.response.headers["X-Content-Type-Options"] = "nosniff"
|
||||||
|
|
||||||
|
@ -16,7 +16,6 @@ class Config
|
|||||||
hmac_key: String?,
|
hmac_key: String?,
|
||||||
full_refresh: Bool,
|
full_refresh: Bool,
|
||||||
geo_bypass: Bool,
|
geo_bypass: Bool,
|
||||||
domains: Array(String)?,
|
|
||||||
})
|
})
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user