diff options
| author | r <r@freesoftwareextremist.com> | 2023-10-15 15:53:44 +0000 |
|---|---|---|
| committer | r <r@freesoftwareextremist.com> | 2023-10-15 15:53:44 +0000 |
| commit | 67b13c71baea56eeb15532ca1b1377f6da8d18ac (patch) | |
| tree | c10bc1f71e283b431076fd376acf170906fa0188 /model | |
| parent | ed521dd33d0d002c577a75e349136fed25b7fda5 (diff) | |
| download | bloat-67b13c71baea56eeb15532ca1b1377f6da8d18ac.tar.gz bloat-67b13c71baea56eeb15532ca1b1377f6da8d18ac.zip | |
Use CSP header to restrict resource loading
This helps mitigate XSS exploits.
Users will have to save the settings again to make the custom CSS
work.
Diffstat (limited to 'model')
| -rw-r--r-- | model/session.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/model/session.go b/model/session.go index f9e4287..61a409c 100644 --- a/model/session.go +++ b/model/session.go @@ -27,6 +27,7 @@ type Settings struct { AntiDopamineMode bool `json:"adm,omitempty"` HideUnsupportedNotifs bool `json:"hun,omitempty"` CSS string `json:"css,omitempty"` + CSSHash string `json:"cssh,omitempty"` } func NewSettings() *Settings { @@ -43,5 +44,6 @@ func NewSettings() *Settings { AntiDopamineMode: false, HideUnsupportedNotifs: false, CSS: "", + CSSHash: "", } } |