diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib.rs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/lib.rs b/src/lib.rs index e6bc24c..177dac4 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -308,4 +308,10 @@ St: Clone + Send + Sync + 'static axum::http::header::COOKIE, axum::http::header::SET_COOKIE, ])) + .layer(tower_http::set_header::SetResponseHeaderLayer::appending( + axum::http::header::CONTENT_SECURITY_POLICY, + axum::http::HeaderValue::from_static( + "default-src 'https:'; script-src 'self'; style-src 'self'; script-src-attr 'none'; base-uri 'none'" + ) + )) } |