rancher/norman
1
0
Fork 0
mirror of https://github.com/rancher/norman.git synced 2025-09-13 22:01:34 +00:00
Code Issues Releases Wiki Activity

Add Frame-Options header

Browse Source 
Problem:
Frame-Options header is not being set, this is a potential secutiry
issue

Solution:
Set the header "X-Frame-Options:deny"
This commit is contained in:
Dan Ramich
2019-02-15 16:08:09 -07:00
committed by Craig Jellick
parent 362802224f
commit 9ba19df9be
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
api/writer/html.go
View File

@@ -42,6 +42,7 @@ type HTMLResponseWriter struct {
func (h *HTMLResponseWriter) start(apiContext *types.APIContext, code int, obj interface{}) {
AddCommonResponseHeader(apiContext)
apiContext.Response.Header().Set("content-type", "text/html")
apiContext.Response.Header().Set("X-Frame-Options", "deny")
apiContext.Response.WriteHeader(code)
}