Skip to content

Commit ddfab0c

Browse files
pierrespierres
committed
Add form-action 'self' to CSP
1 parent aaf411b commit ddfab0c

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

internal/web/middleware.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ func SecureHeaders() Middleware {
4444
"img-src 'self' data:",
4545
"object-src 'none'",
4646
"base-uri 'self'",
47+
"form-action 'self'",
4748
"frame-ancestors 'none'",
4849
}, "; ")
4950
return func(next http.Handler) http.Handler {

0 commit comments

Comments
 (0)