add some basic HTTP security headers
This commit is contained in:
+5
-2
@@ -1,6 +1,9 @@
|
|||||||
node_modules/
|
|
||||||
worker/
|
worker/
|
||||||
dist/
|
dist/
|
||||||
|
node_modules/
|
||||||
package-lock.json
|
package-lock.json
|
||||||
|
|
||||||
|
# don't accidentally commit OS images (again...)
|
||||||
*.img
|
*.img
|
||||||
|
*.raw
|
||||||
|
*.qcow2
|
||||||
|
|||||||
@@ -0,0 +1 @@
|
|||||||
|
package-lock=false
|
||||||
+22
-11
@@ -1,4 +1,4 @@
|
|||||||
import { getAssetFromKV, mapRequestToAsset } from '@cloudflare/kv-asset-handler'
|
import { getAssetFromKV } from '@cloudflare/kv-asset-handler'
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The DEBUG flag will do two things that help during development:
|
* The DEBUG flag will do two things that help during development:
|
||||||
@@ -25,21 +25,32 @@ addEventListener('fetch', event => {
|
|||||||
})
|
})
|
||||||
|
|
||||||
async function handleEvent(event) {
|
async function handleEvent(event) {
|
||||||
const url = new URL(event.request.url)
|
|
||||||
let options = {
|
let options = {
|
||||||
cacheControl: {
|
cacheControl: {
|
||||||
edgeTTL: 60 * 60 * 1, // 1 hour
|
browserTTL: 3600,
|
||||||
browserTTL: 60 * 60 * 1, // 1 hour
|
|
||||||
bypassCache: false,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let headers = {
|
||||||
|
'X-XSS-Protection': '1; mode=block',
|
||||||
|
'X-Frame-Options': 'DENY',
|
||||||
|
'X-Content-Type-Options': 'nosniff',
|
||||||
|
'x-y2k-backend': 'v5',
|
||||||
|
'x-y2k-debug': DEBUG,
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if (DEBUG) {
|
if (DEBUG) options.cacheControl.bypassCache = true
|
||||||
// customize caching
|
|
||||||
options.cacheControl.bypassCache = true
|
// asset was found, the good stuff goes here
|
||||||
}
|
let asset = await getAssetFromKV(event, options)
|
||||||
return await getAssetFromKV(event, options)
|
|
||||||
|
// set various security headers above
|
||||||
|
Object.keys(headers).forEach((name) => {
|
||||||
|
asset.headers.set(name, headers[name])
|
||||||
|
})
|
||||||
|
|
||||||
|
return asset
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
// if an error is thrown try to serve the asset at 404.html
|
// if an error is thrown try to serve the asset at 404.html
|
||||||
if (!DEBUG) {
|
if (!DEBUG) {
|
||||||
@@ -52,6 +63,6 @@ async function handleEvent(event) {
|
|||||||
} catch (e) {}
|
} catch (e) {}
|
||||||
}
|
}
|
||||||
|
|
||||||
return new Response(e.message || e.toString(), { status: 500 })
|
return new Response(e.message || e.toString(), { headers, status: 500 })
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,12 +1,12 @@
|
|||||||
{
|
{
|
||||||
"private": true,
|
"private": true,
|
||||||
"name": "worker",
|
"name": "y2k-static",
|
||||||
"version": "1.0.0",
|
"version": "1.0.0",
|
||||||
"description": "A template for kick starting a Cloudflare Workers project",
|
"homepage": "https://y2k.lol/",
|
||||||
"main": "index.js",
|
"author": "Jake Jarvis <jake@jarv.is>",
|
||||||
"author": "Ashley Lewis <ashleymichal@gmail.com>",
|
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
|
"main": "index.js",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@cloudflare/kv-asset-handler": "^0.0.5"
|
"@cloudflare/kv-asset-handler": "*"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user