helix
/
invidious
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "Add Origin header checks"

Browse Source 
This reverts commit 2be240767c.
pull/229/head
Omar Roth 6 years ago
parent 2be240767c
commit f988123820
2 changed files with 0 additions and 10 deletions
Show Stats Download Patch File Download Diff File

9
src/invidious.cr
Unescape Escape View File

@ -128,15 +128,6 @@ if CONFIG.geo_bypass
end end
before_all do |env| before_all do |env|
if CONFIG.domains && env.request.headers["Origin"]?
origin = env.request.headers["Origin"]
domains = CONFIG.domains.not_nil!
if !domains.includes? origin
halt env, status_code: 403
end
end
env.response.headers["X-XSS-Protection"] = "1; mode=block;" env.response.headers["X-XSS-Protection"] = "1; mode=block;"
env.response.headers["X-Content-Type-Options"] = "nosniff" env.response.headers["X-Content-Type-Options"] = "nosniff"

1
src/invidious/helpers/helpers.cr
Unescape Escape View File

@ -16,7 +16,6 @@ class Config
hmac_key: String?, hmac_key: String?,
full_refresh: Bool, full_refresh: Bool,
geo_bypass: Bool, geo_bypass: Bool,
domains: Array(String)?,
}) })
end end

Write Preview
Loading…
Cancel
Save