diff --git a/.gitignore b/.gitignore
index ed61d2b..b1cba21 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@
/tweety.json
/dist/
+/tweety
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index e0efee4..87e4f6c 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -7,6 +7,29 @@
"command": "npm run build",
"options": {
"cwd": "${workspaceFolder}/frontend"
+ },
+ "group": {
+ "kind": "build"
+ }
+ },
+ {
+ "label": "build tweety",
+ "type": "shell",
+ "command": "go build -o tweety",
+ "group": {
+ "kind": "build"
+ }
+ },
+ {
+ "label": "build",
+ "dependsOn": [
+ "build frontend",
+ "build tweety"
+ ],
+ "dependsOrder": "sequence",
+ "group": {
+ "kind": "build",
+ "isDefault": true
}
}
]
diff --git a/frontend/index.html b/frontend/index.html
index 7fcaf52..3779c93 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -10,7 +10,6 @@
content="default-src 'self'; script-src 'self'; style-src 'self'; connect-src 'self' ws://localhost:* http://localhost:*">
-
Terminal
diff --git a/server.go b/server.go
index f2508c2..dce9eb6 100644
--- a/server.go
+++ b/server.go
@@ -29,6 +29,11 @@ func NewHandler() (http.Handler, error) {
r.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Private-Network", "true")
+ w.Header().Set("X-Frame-Options", "SAMEORIGIN")
+ w.Header().Set("X-Content-Type-Options", "nosniff")
+ w.Header().Set("X-XSS-Protection", "1; mode=block")
+ w.Header().Set("Referrer-Policy", "same-origin")
+ w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self';")
next.ServeHTTP(w, r)
})
})