diff --git a/src/Handler/Utils.hs b/src/Handler/Utils.hs index 0aaddd6cb..ccfd7d3e0 100644 --- a/src/Handler/Utils.hs +++ b/src/Handler/Utils.hs @@ -37,6 +37,7 @@ import Control.Monad.Logger sendThisFile :: DBFile -> Handler TypedContent sendThisFile File{..} | Just fileContent' <- fileContent = do + setCSPSandbox setContentDisposition' . Just $ takeFileName fileTitle let cType = simpleContentType (mimeLookup $ pack fileTitle) <> "; charset=utf-8" respondSourceDB cType $ @@ -45,7 +46,8 @@ sendThisFile File{..} sendFileReference :: forall file a. HasFileReference file => file -> Handler a sendFileReference (view (_FileReference . _1) -> fRef@FileReference{..}) = do - when (is _Just fileReferenceContent) $ + when (is _Just fileReferenceContent) $ do + setCSPSandbox setContentDisposition' . Just $ takeFileName fileReferenceTitle let cType = simpleContentType (mimeLookup $ pack fileReferenceTitle) <> "; charset=utf-8" join . runDB $ respondFileConditional Nothing cType fRef @@ -77,6 +79,7 @@ serveSomeFiles' archiveName source = do [] -> notFound [file] -> either sendFileReference sendThisFile file _moreFiles -> do + setCSPSandbox setContentDisposition' $ Just archiveName respondSourceDB typeZip $ do let zipComment = T.encodeUtf8 $ pack archiveName @@ -97,6 +100,7 @@ serveZipArchive' archiveName source = do case results of [] -> notFound _moreFiles -> do + setCSPSandbox setContentDisposition' $ Just archiveName respondSourceDB typeZip $ do let zipComment = T.encodeUtf8 $ pack archiveName diff --git a/src/Utils.hs b/src/Utils.hs index b403810b7..646e7afb5 100644 --- a/src/Utils.hs +++ b/src/Utils.hs @@ -1052,6 +1052,9 @@ setContentDisposition cd (fmap pack -> mFName) = replaceOrAddHeader (decodeUtf8 | otherwise = toPathPiece cd +setCSPSandbox :: MonadHandler m => m () +setCSPSandbox = replaceOrAddHeader "Content-Security-Policy" "sandbox;" + ------------------ -- Cryptography -- ------------------