darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2025-12-14 09:03:33 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update notifications_utils/request_helper.py

Browse Source 
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
This commit is contained in:
Jonathan Bobel
2025-03-14 12:13:52 -04:00
committed by GitHub
parent 236fafd597
commit 5a1b656d7e
1 changed files with 6 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
notifications_utils/request_helper.py
View File

@@ -75,18 +75,13 @@ class ResponseHeaderMiddleware(object):
if SPAN_ID_HEADER.lower() not in lower_existing_header_names:
headers.append((SPAN_ID_HEADER, str(req.span_id)))
def rewrite_response_headers(status, headers, exc_info=None):
lower_existing_header_names = {name.lower() for name, value in headers}
# Set COOP once (needed for security)
if "cross-origin-opener-policy" not in lower_existing_header_names:
headers.append(("Cross-Origin-Opener-Policy", "same-origin"))
# Set COOP once (needed for security)
if "cross-origin-opener-policy" not in lower_existing_header_names:
headers.append(("Cross-Origin-Opener-Policy", "same-origin"))
# Ensure `Cross-Origin-Resource-Policy: cross-origin` is set
if "cross-origin-resource-policy" not in lower_existing_header_names:
headers.append(("Cross-Origin-Resource-Policy", "cross-origin"))
return start_response(status, headers, exc_info)
# Ensure `Cross-Origin-Resource-Policy: cross-origin` is set
if "cross-origin-resource-policy" not in lower_existing_header_names:
headers.append(("Cross-Origin-Resource-Policy", "cross-origin"))
# svg content type should not contain charset
found_svg = False