diff options
Diffstat (limited to 'modules/luci-base/luasrc/http.lua')
-rw-r--r-- | modules/luci-base/luasrc/http.lua | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/modules/luci-base/luasrc/http.lua b/modules/luci-base/luasrc/http.lua index 8795dfc4b2..9cc9857867 100644 --- a/modules/luci-base/luasrc/http.lua +++ b/modules/luci-base/luasrc/http.lua @@ -224,7 +224,15 @@ function write(content, src_err) header("Cache-Control", "no-cache") header("Expires", "0") end - + if not context.headers["x-frame-options"] then + header("X-Frame-Options", "SAMEORIGIN") + end + if not context.headers["x-xss-protection"] then + header("X-XSS-Protection", "1; mode=block") + end + if not context.headers["x-content-type-options"] then + header("X-Content-Type-Options", "nosniff") + end context.eoh = true coroutine.yield(3) |