Detect dashboard assets content types

Co-authored-by: Romain <rtribotte@users.noreply.github.com>
This commit is contained in:
Tom Moulard 2022-12-29 09:46:04 +01:00 committed by GitHub
parent c38d405cfd
commit a2016a2953
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -51,6 +51,11 @@ func (g Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// allow iframes from our domains only // allow iframes from our domains only
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
w.Header().Set("Content-Security-Policy", "frame-src 'self' https://traefik.io https://*.traefik.io;") w.Header().Set("Content-Security-Policy", "frame-src 'self' https://traefik.io https://*.traefik.io;")
// The content type must be guessed by the file server.
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
w.Header().Del("Content-Type")
http.FileServer(http.FS(assets)).ServeHTTP(w, r) http.FileServer(http.FS(assets)).ServeHTTP(w, r)
} }