GitHub-Proxy/Cura
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/Ultimaker/Cura synced 2025-08-14 05:35:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use HSTS for local OAuth2 callback server

Browse Source 
CURA-12458
This prevents possible man-in-the-middle attacks from within the user PC. Not very likely, but still a good practice.
This commit is contained in:
Erwan MATHIEU 2025-03-14 12:00:24 +01:00
parent 90115808ee
commit 67d4afb97e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cura/OAuth2/AuthorizationRequestHandler.py
View File

@ -127,6 +127,7 @@ class AuthorizationRequestHandler(BaseHTTPRequestHandler):
def _sendHeaders(self, status: "ResponseStatus", content_type: str, redirect_uri: str = None) -> None: def _sendHeaders(self, status: "ResponseStatus", content_type: str, redirect_uri: str = None) -> None:
self.send_response(status.code, status.message) self.send_response(status.code, status.message)
self.send_header("Content-type", content_type) self.send_header("Content-type", content_type)
self.send_header("Strict-Transport-Security", "max-age=900")
if redirect_uri: if redirect_uri:
self.send_header("Location", redirect_uri) self.send_header("Location", redirect_uri)
self.end_headers() self.end_headers()