From 22d217f13ceabb553975670b3366a25b5208252b Mon Sep 17 00:00:00 2001 From: RochoElLocho Date: Sun, 12 Jan 2025 18:38:01 +0100 Subject: [PATCH] Sicherheits header aktualisiert --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index e3ad7e2..d94d7cd 100644 --- a/main.go +++ b/main.go @@ -44,7 +44,7 @@ func main() { func secureHeaders(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // Setze die Sicherheitsheader - w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:;") + w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self';") w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload") w.Header().Set("X-Content-Type-Options", "nosniff") w.Header().Set("X-Frame-Options", "DENY")