Diffstat (limited to 'src')
-rw-r--r--src/frontend/mod.rs8
-rw-r--r--src/media/mod.rs4
2 files changed, 12 insertions, 0 deletions
diff --git a/src/frontend/mod.rs b/src/frontend/mod.rs
index 8338ac6..9ba1a69 100644
--- a/src/frontend/mod.rs
+++ b/src/frontend/mod.rs
@@ -250,6 +250,10 @@ pub async fn homepage<D: Storage>(
         axum::http::header::CONTENT_TYPE,
         axum::http::HeaderValue::from_static(r#"text/html; charset="utf-8""#),
     );
+    headers.insert(
+        axum::http::header::X_CONTENT_TYPE_OPTIONS,
+        axum::http::HeaderValue::from_static("nosniff")
+    );
 
     let user = session.as_deref().map(|s| &s.me);
     match tokio::try_join!(
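Review bot: The `nosniff` header is inserted by hand in `homepage` here, again in `catchall` (second hunk), and in `serve` in src/media/mod.rs, so any response that does not pass through one of these three inserts is sent without it. In `catchall` the insert sits at a deeper indentation level, which suggests it is inside a single branch; other arms and error responses presumably build their own headers, though those lines are outside the hunk. Setting the header once in a response middleware on the router would cover every route, including ones added later. If the per-handler form stays, a short comment at each site such as `// nosniff: make browsers honour the declared Content-Type instead of sniffing` would record why it is there. Both function bodies continue outside the hunks.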
@@ -365,6 +369,10 @@ pub async fn catchall<D: Storage>(
                 axum::http::header::CONTENT_TYPE,
                 axum::http::HeaderValue::from_static(r#"text/html; charset="utf-8""#),
             );
+            headers.insert(
+                axum::http::header::X_CONTENT_TYPE_OPTIONS,
+                axum::http::HeaderValue::from_static("nosniff")
+            );
             if user.is_some() {
                 headers.insert(
                     axum::http::header::CACHE_CONTROL,
diff --git a/src/media/mod.rs b/src/media/mod.rs
index 199f05f..6f263b6 100644
--- a/src/media/mod.rs
+++ b/src/media/mod.rs
@@ -103,6 +103,10 @@ pub(crate) async fn serve<S: MediaStore>(
                             .unwrap_or("application/octet-stream")
                     ).unwrap()
                 );
+                headers.insert(
+                    axum::http::header::X_CONTENT_TYPE_OPTIONS,
+                    axum::http::HeaderValue::from_static("nosniff")
+                );
                 if let Some(length) = metadata.length {
                     headers.typed_insert(ContentLength(length.get().try_into().unwrap()));
                 }
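Review bot: `nosniff` only makes the browser honour the declared Content-Type, and the value set just above falls back to `application/octet-stream`, so it appears to come from stored media metadata (its source is outside the hunk). If an uploader can influence that value, a file stored as `text/html` or `image/svg+xml` is still rendered as active content from this origin even with the new header. Consider also sending a sandboxing policy on media responses, e.g. `headers.insert(axum::http::header::CONTENT_SECURITY_POLICY, axum::http::HeaderValue::from_static("sandbox"));`, or `Content-Disposition: attachment` for types outside an allowlist. `serve` starts and ends outside the hunk.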