diff options
| author | Miguel Jacq <mig@mig5.net> | 2021-12-17 17:53:15 +1100 |
|---|---|---|
| committer | Miguel Jacq <mig@mig5.net> | 2021-12-17 17:53:15 +1100 |
| commit | e6a17bc74338297fe345121a9a03196f6843a2e1 (patch) | |
| tree | 02aaa75e7d639a466f44039596852b728809070f /cli/onionshare_cli/web/web.py | |
| parent | 4b18cb7d0f5e17fa2ac7d64e69be72e53775b163 (diff) | |
| download | onionshare-e6a17bc74338297fe345121a9a03196f6843a2e1.tar.gz onionshare-e6a17bc74338297fe345121a9a03196f6843a2e1.zip | |
Force the MIME type for .js files to be text/javascript, to override silly OS databases/registries with incorrect settings, which Flask would otherwise depend on
Diffstat (limited to 'cli/onionshare_cli/web/web.py')
| -rw-r--r-- | cli/onionshare_cli/web/web.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/cli/onionshare_cli/web/web.py b/cli/onionshare_cli/web/web.py index cf65b69e..4f0625a0 100644 --- a/cli/onionshare_cli/web/web.py +++ b/cli/onionshare_cli/web/web.py @@ -18,6 +18,7 @@ You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. """ import logging +import mimetypes import os import queue import requests @@ -80,6 +81,16 @@ class Web: self.settings = mode_settings + # Flask guesses the MIME type of files from a database on the operating + # system. + # Some operating systems, or applications that can modify the database + # (such as the Windows Registry) can treat .js files as text/plain, + # which breaks the chat app due to X-Content-Type-Options: nosniff. + # + # It's probably #notourbug but we can fix it by forcing the mimetype. + # https://github.com/onionshare/onionshare/issues/1443 + mimetypes.add_type('text/javascript', '.js') + # The flask app self.app = Flask( __name__, |