package controllers
import (
"net/http"
"officeHours/config"
"officeHours/models"
)
// BaseHandler bundles the dependencies shared by the controllers in this
// package: one repository per model type plus the application config.
// All fields are unexported, so values are built through NewBaseHandler.
type BaseHandler struct {
	// Repositories, one per model type declared in package models.
	roomRepo       models.RoomRepository
	officeHourRepo models.OfficeHourRepository
	courseRepo     models.CourseRepository
	tutorRepo      models.TutorRepository
	requestRepo    models.RequestRepository

	// config is stored by value (config.Config, not a pointer).
	config config.Config
}
// NewBaseHandler builds a BaseHandler from the five repositories and the
// application config, storing each argument in the field of the same name.
// No argument is validated here; a nil repository is stored as given.
func NewBaseHandler(
	roomRepo models.RoomRepository,
	officeHourRepo models.OfficeHourRepository,
	courseRepo models.CourseRepository,
	tutorRepo models.TutorRepository,
	requestRepo models.RequestRepository,
	config config.Config,
) *BaseHandler {
	handler := BaseHandler{
		roomRepo:       roomRepo,
		officeHourRepo: officeHourRepo,
		courseRepo:     courseRepo,
		tutorRepo:      tutorRepo,
		requestRepo:    requestRepo,
		config:         config,
	}
	return &handler
}
// SendSecurityHeaders sets a fixed set of browser security headers on w.
// It only writes to w.Header(), so it must run before the handler sends the
// status line or any body bytes; headers set after that point are not sent.
// req is accepted but not used.
//
// NOTE(review): script-src and style-src both allow 'unsafe-inline', so this
// policy does not block inline script or style injected through an XSS flaw.
// Output escaping remains the only defence against that class of bug until
// inline code is moved to files or covered by nonces/hashes.
//
// NOTE(review): X-XSS-Protection is a legacy header that current browsers
// ignore; OWASP guidance is to send "0" or omit it — confirm which clients
// must be supported before changing the value.
func SendSecurityHeaders(w http.ResponseWriter, req *http.Request) {
	securityHeaders := [...][2]string{
		// Framing is refused twice: here for older browsers, and through
		// frame-ancestors 'none' in the CSP below.
		{"X-Frame-Options", "DENY"},
		// default-src 'none' denies every resource type that is not listed
		// explicitly; only same-origin and inline script/style are allowed.
		{"Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'"},
		// Stops browsers from MIME-sniffing a response into another type.
		{"X-Content-Type-Options", "nosniff"},
		// The Referer header is sent on same-origin requests only.
		{"Referrer-Policy", "same-origin"},
		{"X-XSS-Protection", "1; mode=block"},
	}

	for _, pair := range securityHeaders {
		w.Header().Set(pair[0], pair[1])
	}
}