try to fix dynamic scan warnings

2026-02-02 09:26:08 -05:00 · 2025-02-03 08:08:47 -08:00
parent ec02da930b
commit 8a70e728f2
1 changed files with 3 additions and 0 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -286,10 +286,13 @@ def init_app(app):
    @app.after_request
    def after_request(response):
        response.headers.add("X-Content-Type-Options", "nosniff")
+
+        # Some dynamic scan findings
        response.headers.add("Cross-Origin-Opener-Policy", "same-origin")
        response.headers.add("Cross-Origin-Embedder-Policy", "require-corp")
        response.headers.add("Cross-Origin-Resource-Policy", "same-origin")
        response.headers.add("Cross-Origin-Opener-Policy", "same-origin")
+        response.headers.pop("Server", None)

        return response