o01eg/freeorion-test-web - Change 6CFNBL5LBZNP7CHANCXUZY5RQYREPSR6SQIKIWFLFXS4JU26KIWAC

Add headers for better security

Created by O01eg on February 2, 2022

6CFNBL5LBZNP7CHANCXUZY5RQYREPSR6SQIKIWFLFXS4JU26KIWAC

Dependencies

In channels

main

Change contents

Insertion in src/pages/reset_game_pwd.rs at line 4 [3.597]
[3.664]
[2.438]
```
use crate::pages::insert_security_headers;
```
Replacement in src/pages/reset_game_pwd.rs at line 93 [3.597]
∅:D[4.266] → [3.873:907]
B:BD[3.873] → [3.873:907]
```
    HttpResponse::Ok().body(body)
```
[4.266]
[3.907]
```
    insert_security_headers(HttpResponse::Ok()).body(body)
```
Insertion in src/pages/query_reset_game_pwd.rs at line 3 [2.557]
[2.595]
[2.595]
```
use crate::pages::insert_security_headers;
```
Replacement in src/pages/query_reset_game_pwd.rs at line 15 [2.557]
B:BD[2.1023] → [2.1023:1057]
```
    HttpResponse::Ok().body(body)
```
[2.1023]
[2.1057]
```
    insert_security_headers(HttpResponse::Ok()).body(body)
```
Insertion in src/pages/mod.rs at line 1 [5.50]
[5.50]
[6.383]
```
use actix_web::HttpResponseBuilder;
```

Insertion in src/pages/mod.rs at line 28 [5.50]

[6.561]


pub fn insert_security_headers(mut response: HttpResponseBuilder) -> HttpResponseBuilder {
    response
        .insert_header((actix_web::http::header::X_FRAME_OPTIONS, "DENY"))
        .insert_header((
            actix_web::http::header::CONTENT_SECURITY_POLICY,
            "default-src 'none'; frame-ancestors 'none'; object-src 'none'; script-src 'none'; style-src 'self'; img-src 'self'",
        ))
        .insert_header((actix_web::http::header::REFERRER_POLICY, "same-origin"))
        .insert_header((actix_web::http::header::X_XSS_PROTECTION, "1; mode=block"));
    response
}

Insertion in src/pages/index.rs at line 3 [5.100]
[5.138]
[2.1368]
```
use crate::pages::insert_security_headers;
```
Replacement in src/pages/index.rs at line 15 [5.100]
∅:D[4.515] → [5.298:332]
B:BD[5.298] → [5.298:332]
```
    HttpResponse::Ok().body(body)
```
[4.515]
[5.332]
```
    insert_security_headers(HttpResponse::Ok()).body(body)
```

Add headers for better security

Dependencies

In channels

Change contents

Insertion in src/pages/reset_game_pwd.rs at line 4 [3.597]

Replacement in src/pages/reset_game_pwd.rs at line 93 [3.597]

Insertion in src/pages/query_reset_game_pwd.rs at line 3 [2.557]

Replacement in src/pages/query_reset_game_pwd.rs at line 15 [2.557]

Insertion in src/pages/mod.rs at line 1 [5.50]

Insertion in src/pages/mod.rs at line 28 [5.50]

Insertion in src/pages/index.rs at line 3 [5.100]

Replacement in src/pages/index.rs at line 15 [5.100]