From 2f9fe2cfad83416647beed9c3c9085d686c43b09 Mon Sep 17 00:00:00 2001 From: Horus_Arch Date: Sat, 14 Feb 2015 23:11:57 +0100 Subject: Initial commit. --- app/init.go | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 app/init.go (limited to 'app/init.go') diff --git a/app/init.go b/app/init.go new file mode 100644 index 0000000..2305d73 --- /dev/null +++ b/app/init.go @@ -0,0 +1,38 @@ +package app + +import "github.com/revel/revel" + +func init() { + // Filters is the default set of global filters. + revel.Filters = []revel.Filter{ + revel.PanicFilter, // Recover from panics and display an error page instead. + revel.RouterFilter, // Use the routing table to select the right Action + revel.FilterConfiguringFilter, // A hook for adding or removing per-Action filters. + revel.ParamsFilter, // Parse parameters into Controller.Params. + revel.SessionFilter, // Restore and write the session cookie. + revel.FlashFilter, // Restore and write the flash cookie. + revel.ValidationFilter, // Restore kept validation errors and save new ones from cookie. + revel.I18nFilter, // Resolve the requested language + HeaderFilter, // Add some security based headers + revel.InterceptorFilter, // Run interceptors around the action. + revel.CompressFilter, // Compress the result. + revel.ActionInvoker, // Invoke the action. + } + + // register startup functions with OnAppStart + // ( order dependent ) + // revel.OnAppStart(InitDB) + // revel.OnAppStart(FillCache) +} + +// TODO turn this into revel.HeaderFilter +// should probably also have a filter for CSRF +// not sure if it can go in the same filter or not +var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) { + // Add some common security headers + c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN") + c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block") + c.Response.Out.Header().Add("X-Content-Type-Options", "nosniff") + + fc[0](c, fc[1:]) // Execute the next filter stage. +} -- cgit v1.2.3