mirror of https://github.com/mikkolehtisalo/iw.git
46 lines
2.0 KiB
Go
46 lines
2.0 KiB
Go
package app
|
|
|
|
import "github.com/revel/revel"
|
|
import "github.com/mikkolehtisalo/revel/cachesession"
|
|
import "github.com/mikkolehtisalo/revel/gssserver"
|
|
import "github.com/mikkolehtisalo/revel/ldapuserdetails"
|
|
import "github.com/cbonello/revel-csrf"
|
|
|
|
func init() {
|
|
// Filters is the default set of global filters.
|
|
revel.Filters = []revel.Filter{
|
|
revel.PanicFilter, // Recover from panics and display an error page instead.
|
|
revel.RouterFilter, // Use the routing table to select the right Action
|
|
revel.FilterConfiguringFilter, // A hook for adding or removing per-Action filters.
|
|
revel.ParamsFilter, // Parse parameters into Controller.Params.
|
|
cachesession.CacheSessionFilter, // Use cache based session implementation.
|
|
gssserver.GSSServerFilter, // GSSAPI authentication
|
|
ldapuserdetails.UserDetailsLoadFilter, // Load user details from LDAP
|
|
revel.FlashFilter, // Restore and write the flash cookie.
|
|
csrf.CSRFFilter, // CSRF prevention.
|
|
revel.ValidationFilter, // Restore kept validation errors and save new ones from cookie.
|
|
revel.I18nFilter, // Resolve the requested language
|
|
HeaderFilter, // Add some security based headers
|
|
revel.InterceptorFilter, // Run interceptors around the action.
|
|
revel.CompressFilter, // Compress the result.
|
|
revel.ActionInvoker, // Invoke the action.
|
|
}
|
|
|
|
// register startup functions with OnAppStart
|
|
// ( order dependent )
|
|
// revel.OnAppStart(InitDB())
|
|
// revel.OnAppStart(FillCache())
|
|
}
|
|
|
|
// TODO turn this into revel.HeaderFilter
|
|
// should probably also have a filter for CSRF
|
|
// not sure if it can go in the same filter or not
|
|
var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) {
|
|
// Add some common security headers
|
|
c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN")
|
|
c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block")
|
|
c.Response.Out.Header().Add("X-Content-Type-Options", "nosniff")
|
|
|
|
fc[0](c, fc[1:]) // Execute the next filter stage.
|
|
}
|