1
1
mirror of https://github.com/go-gitea/gitea synced 2024-11-16 07:04:25 +00:00

add bool for performance

This commit is contained in:
silverwind 2024-04-03 01:52:56 +02:00
parent bd4559c4cd
commit d5c7b6d502
No known key found for this signature in database
GPG Key ID: 2E62B41C93869443
4 changed files with 6 additions and 3 deletions

View File

@ -38,6 +38,7 @@ var (
CSRFCookieName = "_csrf"
CSRFCookieHTTPOnly = true
XFrameOptions string
UseXFrameOptions bool
)
// loadSecret load the secret from ini by uriKey or verbatimKey, only one of them could be set
@ -140,7 +141,9 @@ func loadSecurityFrom(rootCfg ConfigProvider) {
CSRFCookieHTTPOnly = sec.Key("CSRF_COOKIE_HTTP_ONLY").MustBool(true)
PasswordCheckPwn = sec.Key("PASSWORD_CHECK_PWN").MustBool(false)
SuccessfulTokensCacheSize = sec.Key("SUCCESSFUL_TOKENS_CACHE_SIZE").MustInt(20)
XFrameOptions = sec.Key("X_FRAME_OPTIONS").MustString("SAMEORIGIN")
UseXFrameOptions = XFrameOptions != "false"
InternalToken = loadSecret(sec, "INTERNAL_TOKEN_URI", "INTERNAL_TOKEN")
if InstallLock && InternalToken == "" {

View File

@ -35,7 +35,7 @@ func RenderPanicErrorPage(w http.ResponseWriter, req *http.Request, err any) {
httpcache.SetCacheControlInHeader(w.Header(), 0, "no-transform")
if setting.XFrameOptions != "false" {
if setting.UseXFrameOptions {
w.Header().Set(`X-Frame-Options`, setting.XFrameOptions)
}

View File

@ -236,7 +236,7 @@ func APIContexter() func(http.Handler) http.Handler {
httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
if setting.XFrameOptions != "false" {
if setting.UseXFrameOptions {
ctx.Resp.Header().Set(`X-Frame-Options`, setting.XFrameOptions)
}

View File

@ -191,7 +191,7 @@ func Contexter() func(next http.Handler) http.Handler {
httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
if setting.XFrameOptions != "false" {
if setting.UseXFrameOptions {
ctx.Resp.Header().Set(`X-Frame-Options`, setting.XFrameOptions)
}