3D-printing/Cura
1
0
Fork 0
mirror of https://github.com/Ultimaker/Cura.git synced 2025-06-26 01:15:28 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Use HSTS for local OAuth2 callback server

Browse source 
CURA-12458
This prevents possible man-in-the-middle attacks from within the user PC. Not very likely, but still a good practice.
This commit is contained in:
Erwan MATHIEU 2025-03-14 12:00:24 +01:00
parent 90115808ee
commit 67d4afb97e
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
cura/OAuth2/AuthorizationRequestHandler.py
View file

@ -127,6 +127,7 @@ class AuthorizationRequestHandler(BaseHTTPRequestHandler):
def _sendHeaders(self, status: "ResponseStatus", content_type: str, redirect_uri: str = None) -> None:
self.send_response(status.code, status.message)
self.send_header("Content-type", content_type)
self.send_header("Strict-Transport-Security", "max-age=900")
if redirect_uri:
self.send_header("Location", redirect_uri)
self.end_headers()