Add --csp and --allow-html flagsv0.1.6

author: clsr <clsr@clsr.net> 2016-06-16 21:11:55 +0200
committer: clsr <clsr@clsr.net> 2016-06-16 21:11:55 +0200
commit: d5bfbdefb1bb56d7062975cd04954aa1ad346018 (patch)
tree: 2892f9d7e763457db7bc15a948dc5db169f6223d /main.go
parent: 062d8e6a2d0da35d29b742a6970a9268b517f20c (diff)
download: gomf-d5bfbdefb1bb56d7062975cd04954aa1ad346018.tar.gz
gomf-d5bfbdefb1bb56d7062975cd04954aa1ad346018.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/main.go b/main.go
index 1b72477..40ba912 100644
--- a/main.go
+++ b/main.go
@@ -17,7 +17,9 @@ var (
 	siteName    string
 	contactMail string
 	abuseMail   string
+	csp         string
 	hsts        bool
+	allowHtml   bool
 )
 
 func handle(w http.ResponseWriter, r *http.Request) {
@@ -37,7 +39,9 @@ func main() {
 	flag.StringVar(&siteName, "name", "Gomf", "website name")
 	flag.StringVar(&contactMail, "contact", "contact@example.com", "contact email address")
 	flag.StringVar(&abuseMail, "abuse", "abuse@example.com", "abuse email address")
+	flag.StringVar(&csp, "csp", "default-src 'none'; media-src 'self'", "the Content-Security-Policy header for files; blank to disable")
 	flag.BoolVar(&hsts, "hsts", false, "enable HSTS")
+	flag.BoolVar(&allowHtml, "allow-html", false, "serve (X)HTML uploads with (X)HTML filetypes")
 	listenHttp := flag.String("http", "localhost:8080", "address to listen on for HTTP")
 	listenHttps := flag.String("https", "", "address to listen on for HTTPS")
 	cert := flag.String("cert", "", "path to TLS certificate (for HTTPS)")
author	clsr <clsr@clsr.net>	2016-06-16 21:11:55 +0200
committer	clsr <clsr@clsr.net>	2016-06-16 21:11:55 +0200
commit	d5bfbdefb1bb56d7062975cd04954aa1ad346018 (patch)
tree	2892f9d7e763457db7bc15a948dc5db169f6223d /main.go
parent	062d8e6a2d0da35d29b742a6970a9268b517f20c (diff)
download	gomf-d5bfbdefb1bb56d7062975cd04954aa1ad346018.tar.gz gomf-d5bfbdefb1bb56d7062975cd04954aa1ad346018.zip