From d38926924cd0dcb428f3477921bfb0e92ba14e18 Mon Sep 17 00:00:00 2001
From: Zoe Roux <zoe.roux@sdg.moe>
Date: Mon, 15 Mar 2021 22:02:01 +0100
Subject: [PATCH] Fixing providers's thumbnails and adding security headers

---
 Kyoo/Controllers/ThumbnailsManager.cs |  4 ++--
 Kyoo/Startup.cs                       | 24 ++++++++++++------------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/Kyoo/Controllers/ThumbnailsManager.cs b/Kyoo/Controllers/ThumbnailsManager.cs
index 783e7a0a..a2f0f7ac 100644
--- a/Kyoo/Controllers/ThumbnailsManager.cs
+++ b/Kyoo/Controllers/ThumbnailsManager.cs
@@ -107,12 +107,12 @@ namespace Kyoo.Controllers
 			if (provider.Logo == null)
 				return provider;
 
-			string root = _config.GetValue<string>("peoplePath");
+			string root = _config.GetValue<string>("providerPath");
 			string localPath = Path.Combine(root, provider.Slug + ".jpg");
 			
 			Directory.CreateDirectory(root);
 			if (alwaysDownload || !File.Exists(localPath))
-				await DownloadImage(provider.Logo, localPath, $"The thumbnail of {provider.Slug}");
+				await DownloadImage(provider.Logo, localPath, $"The logo of {provider.Slug}");
 			return provider;
 		}
 		
diff --git a/Kyoo/Startup.cs b/Kyoo/Startup.cs
index 7cede9d7..ae5ec44b 100644
--- a/Kyoo/Startup.cs
+++ b/Kyoo/Startup.cs
@@ -191,18 +191,18 @@ namespace Kyoo
 
 			app.UseRouting();
 
-			// app.Use((ctx, next) => 
-			// {
-			// 	ctx.Response.Headers.Remove("X-Powered-By");
-			// 	ctx.Response.Headers.Remove("Server");
-			// 	ctx.Response.Headers.Add("Feature-Policy", "autoplay 'self'; fullscreen");
-			// 	ctx.Response.Headers.Add("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
-			// 	ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
-			// 	ctx.Response.Headers.Add("Referrer-Policy", "no-referrer");
-			// 	ctx.Response.Headers.Add("Access-Control-Allow-Origin", "null");
-			// 	ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
-			// 	return next();
-			// });
+			app.Use((ctx, next) => 
+			{
+				ctx.Response.Headers.Remove("X-Powered-By");
+				ctx.Response.Headers.Remove("Server");
+				ctx.Response.Headers.Add("Feature-Policy", "autoplay 'self'; fullscreen");
+				ctx.Response.Headers.Add("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
+				ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
+				ctx.Response.Headers.Add("Referrer-Policy", "no-referrer");
+				ctx.Response.Headers.Add("Access-Control-Allow-Origin", "null");
+				ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
+				return next();
+			});
 			app.UseResponseCompression();
 			app.UseCookiePolicy(new CookiePolicyOptions
 			{