Added CSP on backend
parent
4a6263cb0f
commit
302154506a
1 changed files with 36 additions and 1 deletions
|
|
@ -98,6 +98,7 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
switch method {
|
||||
|
|
@ -460,6 +461,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
switch method {
|
||||
case "check-building":
|
||||
|
|
@ -1370,6 +1373,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
switch method {
|
||||
case "check-access":
|
||||
|
|
@ -1426,6 +1431,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("INSERT INTO esign (esignid, employeeid, password, signature, image) VALUES (NULL, ?, ?, ?, ?)")
|
||||
if err != nil {
|
||||
|
|
@ -1473,6 +1480,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare(`INSERT INTO occupancydocflowtxn (occupancydocflowtxnid, occupancyreceivingid, txndate, remarks, is_tag, tagword, is_approve, employeeid, is_compliance, comments)
|
||||
VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, 0, NULL)`)
|
||||
|
|
@ -1521,6 +1530,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare(`INSERT INTO electricaldocflowtxn (electricaldocflowtxnid, electricalid, txndate, remarks, comments, is_tag, tagword, is_approve, employeeid, is_delete)
|
||||
VALUES (NULL, ?, ?, ?, NULL, ?, ?, ?, ?, 0)`)
|
||||
|
|
@ -1564,6 +1575,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE occupancydocflowtxn SET is_approve = 1 WHERE remarks = ? AND occupancyreceivingid = (SELECT occupancyid FROM occupancy WHERE controlNo = ?)")
|
||||
if err != nil {
|
||||
|
|
@ -1611,6 +1624,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE electricaldocflowtxn SET is_approve = 1 WHERE remarks = ? AND electricalid = (SELECT electricalid FROM electrical WHERE electricalNo = ?)")
|
||||
if err != nil {
|
||||
|
|
@ -1657,6 +1672,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE occupancy_orderofpayment SET popstransmitted = 1, is_release = 1 WHERE occupancyid = ? AND for_approval = 1 AND is_paid = 0 AND is_approve = 1")
|
||||
if err != nil {
|
||||
|
|
@ -1697,6 +1714,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET popstransmitted = 1, is_release = 1 WHERE electricalid = ? AND for_approval = 1 AND is_paid = 0 AND is_approve = 1")
|
||||
if err != nil {
|
||||
|
|
@ -1737,6 +1756,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET popstransmitted = 1, is_release = 1 WHERE electricalid = ? AND for_approval = 1 AND is_paid = 0 AND is_approve = 1")
|
||||
if err != nil {
|
||||
|
|
@ -1779,6 +1800,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("INSERT INTO esign_transactions (esign_transactionsid, esignid, referenceNo, date_signed) VALUES (NULL, ?, ?, ?)")
|
||||
if err != nil {
|
||||
|
|
@ -1831,6 +1854,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := dbpop.Prepare(`INSERT INTO orderpaydetail (OrderPayId, OPRefId, OPSysId, OPDate, AcctRefId, AcctFullName, AcctAddress, AccountCode, AmountBasic, OPPostedBy, OPPostDate, OfficeCode, Amt_GFLGU, Amt_GFDPWH, Amt_TFBO, TranRefId)
|
||||
VALUES (NULL, ?, 'IIPS', ?, ?, ?, ?, ?, ?, ?, ?, 8751, ?, ?, ?, ?)`)
|
||||
|
|
@ -1873,6 +1898,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE occupancy_orderofpayment SET is_approve = 1 WHERE occupancyid = ? AND for_approval = 1 AND is_paid = 0")
|
||||
if err != nil {
|
||||
|
|
@ -1920,6 +1947,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE building_orderofpayment SET is_approve = 1 WHERE occupancyid = ? AND for_approval = 1 AND is_paid = 0")
|
||||
if err != nil {
|
||||
|
|
@ -1967,6 +1996,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE electrical_orderofpayment_new SET is_approve = 1 WHERE electricalid = ? AND for_approval = 1 AND is_paid = 0")
|
||||
if err != nil {
|
||||
|
|
@ -2014,6 +2045,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE employee SET employeename = ? WHERE employeeid = ?")
|
||||
if err != nil {
|
||||
|
|
@ -2058,6 +2091,8 @@ func connect() {
|
|||
c.Writer.Header().Set("X-Frame-Options", "DENY")
|
||||
c.Writer.Header().Set("X-Download-Options", "noopen")
|
||||
c.Writer.Header().Set("Referrer-Policy", "no-referrer")
|
||||
c.Writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
|
||||
c.Writer.Header().Set("X-Server", "OCBO Server")
|
||||
|
||||
dbpost, err := db.Prepare("UPDATE esign SET password = ? WHERE employeeid = ?")
|
||||
if err != nil {
|
||||
|
|
|
|||
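Review bot: The same five `c.Writer.Header().Set(...)` calls, now including the Content-Security-Policy line, are repeated in all 18 handlers this commit touches, so any route that was missed here or is added later is served without the policy. If this is Gin (the `c.Writer` usage suggests it), set the headers once in a middleware registered through the router's `Use` before the routes and drop the per-handler copies; the sketch below keeps the header values exactly as committed. On the policy itself, `img-src 'self'` repeats what `default-src 'self'` already implies, while `frame-ancestors`, `base-uri` and `form-action` do not fall back to `default-src` and would have to be listed explicitly if they are wanted. The handlers sit inside `connect()`, whose start and end are outside the visible hunks.

```go
// securityHeaders sets the response-hardening headers for every route in one place.
func securityHeaders() gin.HandlerFunc {
	return func(c *gin.Context) {
		h := c.Writer.Header()
		h.Set("X-Frame-Options", "DENY")
		h.Set("X-Download-Options", "noopen")
		h.Set("Referrer-Policy", "no-referrer")
		h.Set("Content-Security-Policy", "default-src 'self'; img-src 'self';")
		h.Set("X-Server", "OCBO Server")
		c.Next()
	}
}
```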