Changeset

2977:7036e82f83f5

mod_http_upload_external: share.php example: Add CSP headers
author Matthew Wild <mwild1@gmail.com>
date Mon, 02 Apr 2018 10:52:32 +0100
parents 2976:df86ce6bb0b4
children 2978:ac99a04231b1
files mod_http_upload_external/share.php
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_http_upload_external/share.php	Sun Apr 01 23:24:33 2018 +0200
+++ b/mod_http_upload_external/share.php	Mon Apr 02 10:52:32 2018 +0100
@@ -104,6 +104,9 @@
 		header('Content-Disposition: attachment');
 		header('Content-Type: application/octet-stream');
 		header('Content-Length: '.filesize($store_file_name));
+		header('Content-Security-Policy: "default-src \'none\'"');
+		header('X-Content-Security-Policy: "default-src \'none\'"');
+		header('X-WebKit-CSP: "default-src 'none'"');
 		if($request_method !== 'HEAD') {
 			readfile($store_file_name);
 		}