limepotato/jormungandr-bite
1
0
Fork 0
mirror of https://iceshrimp.dev/limepotato/jormungandr-bite.git synced 2024-11-22 01:47:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

[backend] Set X-Content-Type-Options to nosniff on the drive files endpoint

Browse source
This commit is contained in:
Laura Hausmann 2024-03-27 13:31:53 +01:00
parent cf506d3bd9
commit 41cb218aa8
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/backend/src/server/file/send-drive-file.ts
View file

@ -49,6 +49,8 @@ export default async function (ctx: Koa.Context) {
return; return;
} }
ctx.set("X-Content-Type-Options", "nosniff");
const isThumbnail = file.thumbnailAccessKey === key; const isThumbnail = file.thumbnailAccessKey === key;
const isWebpublic = file.webpublicAccessKey === key; const isWebpublic = file.webpublicAccessKey === key;