MCPcopy
hub / github.com/bettercap/bettercap / setSecurityHeaders

Method setSecurityHeaders

modules/api_rest/api_rest_controller.go:48–57  ·  view source on GitHub ↗
(w http.ResponseWriter)

Source from the content-addressed store, hash-verified

46}
47
48func (mod *RestAPI) setSecurityHeaders(w http.ResponseWriter) {
49 w.Header().Add("X-Frame-Options", "DENY")
50 w.Header().Add("X-Content-Type-Options", "nosniff")
51 w.Header().Add("X-XSS-Protection", "1; mode=block")
52 w.Header().Add("Referrer-Policy", "same-origin")
53
54 w.Header().Set("Access-Control-Allow-Origin", mod.allowOrigin)
55 w.Header().Add("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
56 w.Header().Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
57}
58
59func (mod *RestAPI) checkAuth(r *http.Request) bool {
60 if mod.username != "" && mod.password != "" {

Callers 5

corsRouteMethod · 0.95
sessionRouteMethod · 0.95
eventsRouteMethod · 0.95
fileRouteMethod · 0.95
TestSetSecurityHeadersFunction · 0.95

Calls 3

HeaderMethod · 0.80
AddMethod · 0.45
SetMethod · 0.45

Tested by 1

TestSetSecurityHeadersFunction · 0.76