diff options
author | Martin Fischer <martin@push-f.com> | 2022-07-30 09:15:45 +0200 |
---|---|---|
committer | Martin Fischer <martin@push-f.com> | 2022-07-30 09:15:45 +0200 |
commit | 3dc92796c8674b9e8a1370797723ef1c327085b6 (patch) | |
tree | aa0842c52420c07fea56c4c2a20bed2ce6d67a87 | |
parent | e9532cfbf9b125db3e0d501da1b2d678713b55bb (diff) |
set Referrer-Policy: same-origin for more privacy
-rw-r--r-- | src/main.rs | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/main.rs b/src/main.rs index 73de77d..8005892 100644 --- a/src/main.rs +++ b/src/main.rs @@ -240,6 +240,10 @@ async fn service<C: Controller>( .parse() .unwrap() }); + + // don't leak the hostname of the GitPad instance when following external links + resp.headers_mut() + .insert(header::REFERRER_POLICY, "same-origin".parse().unwrap()); resp } |