[enh] add default http headers - closes #715

This commit is contained in:
Adam Tauber 2020-11-04 17:32:51 +01:00
parent c03e4c86bc
commit 063260d090
2 changed files with 16 additions and 0 deletions

View file

@ -17,6 +17,12 @@ server:
image_proxy : False # Proxying image results through searx image_proxy : False # Proxying image results through searx
http_protocol_version : "1.0" # 1.0 and 1.1 are supported http_protocol_version : "1.0" # 1.0 and 1.1 are supported
method: "POST" # POST queries are more secure as they don't show up in history but may cause problems when using Firefox containers method: "POST" # POST queries are more secure as they don't show up in history but may cause problems when using Firefox containers
default_http_headers:
X-Content-Type-Options : nosniff
X-XSS-Protection : 1; mode=block
X-Download-Options : noopen
X-Robots-Tag : noindex, nofollow
Referrer-Policy : no-referrer
ui: ui:
static_path : "" # Custom static path - leave it blank if you didn't change static_path : "" # Custom static path - leave it blank if you didn't change

View file

@ -487,6 +487,16 @@ def pre_request():
request.user_plugins.append(plugin) request.user_plugins.append(plugin)
@app.after_request
def add_default_headers(response):
# set default http headers
for header, value in settings['server'].get('default_http_headers', {}).items():
if header in response.headers:
continue
response.headers[header] = value
return response
@app.after_request @app.after_request
def post_request(response): def post_request(response):
total_time = time() - request.start_time total_time = time() - request.start_time