simonzhangsz/omc_api
1
0
Fork 0
Code Activity

feat: 合并Gin_Vue

Browse Source
This commit is contained in:
TsMask
2023-10-16 20:04:08 +08:00
parent 55fe1d534d
commit 05c7e9b9e8
213 changed files with 20338 additions and 311 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/framework/middleware/security/csp.go Normal file
View File

@@ -0,0 +1,22 @@
package security
import (
"ems.agt/src/framework/config"
"ems.agt/src/framework/utils/generate"
"github.com/gin-gonic/gin"
)
// TODO
// csp 这将帮助防止跨站脚本攻击XSS
// HTTP 响应头 Content-Security-Policy 允许站点管理者控制指定的页面加载哪些资源。
func csp(c *gin.Context) {
enable := false
if v := config.Get("security.csp.enable"); v != nil {
enable = v.(bool)
}
if enable {
c.Header("x-csp-nonce", generate.Code(8))
}
}