Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

httpd: allow to configure referrer policy header

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2025-04-07 18:48:48 +02:00
parent 01fbf3480f
commit f41f00fec2
6 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/httpd/httpd.go
View File

@@ -420,9 +420,11 @@ type SecurityConf struct {
CrossOriginResourcePolicy string `json:"cross_origin_resource_policy" mapstructure:"cross_origin_resource_policy"`
// CrossOriginEmbedderPolicy allows to set the Cross-Origin-Embedder-Policy header value. Default is "".
CrossOriginEmbedderPolicy string `json:"cross_origin_embedder_policy" mapstructure:"cross_origin_embedder_policy"`
// CacheControl allow to set the Cache-Control header value.
// CacheControl allows to set the Cache-Control header value.
CacheControl string `json:"cache_control" mapstructure:"cache_control"`
proxyHeaders []string
// ReferrerPolicy allows to set the Referrer-Policy header values.
ReferrerPolicy string `json:"referrer_policy" mapstructure:"referrer_policy"`
proxyHeaders []string
}
func (s *SecurityConf) updateProxyHeaders() {

2
internal/httpd/internal_test.go
View File

@@ -3446,6 +3446,7 @@ func TestSecureMiddlewareIntegration(t *testing.T) {
CrossOriginOpenerPolicy: "same-origin",
CrossOriginResourcePolicy: "same-site",
CrossOriginEmbedderPolicy: "require-corp",
ReferrerPolicy: "no-referrer",
},
},
enableWebAdmin: true,
@@ -3503,6 +3504,7 @@ func TestSecureMiddlewareIntegration(t *testing.T) {
assert.Equal(t, "require-corp", rr.Header().Get("Cross-Origin-Embedder-Policy"))
assert.Equal(t, "same-origin", rr.Header().Get("Cross-Origin-Opener-Policy"))
assert.Equal(t, "same-site", rr.Header().Get("Cross-Origin-Resource-Policy"))
assert.Equal(t, "no-referrer", rr.Header().Get("Referrer-Policy"))
server.binding.Security.Enabled = false
server.binding.Security.updateProxyHeaders()

1
internal/httpd/server.go
View File

@@ -1257,6 +1257,7 @@ func (s *httpdServer) initializeRouter() {
CrossOriginOpenerPolicy: s.binding.Security.CrossOriginOpenerPolicy,
CrossOriginResourcePolicy: s.binding.Security.CrossOriginResourcePolicy,
CrossOriginEmbedderPolicy: s.binding.Security.CrossOriginEmbedderPolicy,
ReferrerPolicy: s.binding.Security.ReferrerPolicy,
})
secureMiddleware.SetBadHostHandler(http.HandlerFunc(s.badHostHandler))
if s.binding.Security.CacheControl == "private" {