source: apps/i2ptunnel/jsp/edit.jsp @ 248deae

Last change on this file since 248deae was 248deae, checked in by zzz <zzz@…>, 5 years ago

Console: Add X-Content-Type-Options header everywhere (ticket #1763)

  • Property mode set to 100644
File size: 1.2 KB
Line 
1<%
2    // NOTE: Do the header carefully so there is no whitespace before the <?xml... line
3
4    response.setHeader("X-Frame-Options", "SAMEORIGIN");
5    // edit pages need script for the delete button 'are you sure'
6    response.setHeader("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'");
7    response.setHeader("X-XSS-Protection", "1; mode=block");
8    response.setHeader("X-Content-Type-Options", "nosniff");
9
10%><%@page pageEncoding="UTF-8"
11%><%@page trimDirectiveWhitespaces="true"
12%><%@page contentType="text/html" import="net.i2p.i2ptunnel.web.EditBean"
13%><% 
14String tun = request.getParameter("tunnel");
15if (tun != null) {
16  try {
17    int curTunnel = Integer.parseInt(tun);
18    if (EditBean.staticIsClient(curTunnel)) {
19        %><jsp:include page="editClient.jsp" /><%
20    } else {
21        %><jsp:include page="editServer.jsp" /><%
22    }
23  } catch (NumberFormatException nfe) {
24    %>Invalid tunnel parameter<%
25  }
26} else {
27  String type = request.getParameter("type");
28  int curTunnel = -1;
29  if (EditBean.isClient(type)) {
30        %><jsp:include page="editClient.jsp" /><%
31  } else {
32        %><jsp:include page="editServer.jsp" /><%
33  }
34}
35%>
Note: See TracBrowser for help on using the repository browser.