diff options
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/src/lib.rs | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/templates/src/lib.rs b/templates/src/lib.rs index 96bf592..d9fe86b 100644 --- a/templates/src/lib.rs +++ b/templates/src/lib.rs @@ -15,7 +15,7 @@ pub mod assets { use axum::response::{IntoResponse, Response}; use axum::extract::Path; use axum::http::StatusCode; - use axum::http::header::{CONTENT_TYPE, CONTENT_ENCODING, CACHE_CONTROL}; + use axum::http::header::{CONTENT_TYPE, CONTENT_ENCODING, CACHE_CONTROL, X_CONTENT_TYPE_OPTIONS}; const ASSETS: include_dir::Dir<'static> = include_dir::include_dir!("$OUT_DIR/"); const CACHE_FOR_A_DAY: &str = "max-age=86400"; @@ -36,14 +36,20 @@ pub mod assets { match ASSETS.get_file(path.clone() + ".gz") { Some(file) => (StatusCode::OK, - [(CONTENT_TYPE, content_type), - (CONTENT_ENCODING, GZIP), - (CACHE_CONTROL, CACHE_FOR_A_DAY)], + [ + (CONTENT_TYPE, content_type), + (CONTENT_ENCODING, GZIP), + (CACHE_CONTROL, CACHE_FOR_A_DAY), + (X_CONTENT_TYPE_OPTIONS, "nosniff") + ], file.contents()).into_response(), None => match ASSETS.get_file(path) { Some(file) => (StatusCode::OK, - [(CONTENT_TYPE, content_type), - (CACHE_CONTROL, CACHE_FOR_A_DAY)], + [ + (CONTENT_TYPE, content_type), + (CACHE_CONTROL, CACHE_FOR_A_DAY), + (X_CONTENT_TYPE_OPTIONS, "nosniff") + ], file.contents()).into_response(), None => StatusCode::NOT_FOUND.into_response() } |