mirror of
https://git.teknik.io/Teknikode/Teknik.git
synced 2023-08-02 14:16:22 +02:00
Reworked CSP policy for downloads
This commit is contained in:
parent
a9968e8f87
commit
366ad08e83
@ -273,7 +273,7 @@ namespace Teknik.Areas.Upload.Controllers
|
|||||||
Response.AddHeader("Content-Disposition", cd.ToString());
|
Response.AddHeader("Content-Disposition", cd.ToString());
|
||||||
|
|
||||||
// Apply content security policy for downloads
|
// Apply content security policy for downloads
|
||||||
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; form-action 'none';");
|
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
|
||||||
|
|
||||||
// Read in the file
|
// Read in the file
|
||||||
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
|
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
|
||||||
|
Loading…
Reference in New Issue
Block a user