Mercurial > prosody-modules
comparison mod_http_upload_external/share.php @ 2977:7036e82f83f5
mod_http_upload_external: share.php example: Add CSP headers
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 02 Apr 2018 10:52:32 +0100 |
| parents | 67d6510c5f49 |
| children | 9480ca61294d |
comparison
equal
deleted
inserted
replaced
| 2976:df86ce6bb0b4 | 2977:7036e82f83f5 |
|---|---|
| 102 // Send file (using X-Sendfile would be nice here...) | 102 // Send file (using X-Sendfile would be nice here...) |
| 103 if(file_exists($store_file_name)) { | 103 if(file_exists($store_file_name)) { |
| 104 header('Content-Disposition: attachment'); | 104 header('Content-Disposition: attachment'); |
| 105 header('Content-Type: application/octet-stream'); | 105 header('Content-Type: application/octet-stream'); |
| 106 header('Content-Length: '.filesize($store_file_name)); | 106 header('Content-Length: '.filesize($store_file_name)); |
| 107 header('Content-Security-Policy: "default-src \'none\'"'); | |
| 108 header('X-Content-Security-Policy: "default-src \'none\'"'); | |
| 109 header('X-WebKit-CSP: "default-src 'none'"'); | |
| 107 if($request_method !== 'HEAD') { | 110 if($request_method !== 'HEAD') { |
| 108 readfile($store_file_name); | 111 readfile($store_file_name); |
| 109 } | 112 } |
| 110 } else { | 113 } else { |
| 111 header('HTTP/1.0 404 Not Found'); | 114 header('HTTP/1.0 404 Not Found'); |