Fixing providers's thumbnails and adding security headers

2025-07-09 03:04:20 -04:00 · 2021-03-15 22:02:01 +01:00 · 2021-03-15 22:02:01 +01:00 · d38926924c
commit d38926924c
parent fdf2f37ceb
2 changed files with 14 additions and 14 deletions
--- a/Kyoo/Controllers/ThumbnailsManager.cs
+++ b/Kyoo/Controllers/ThumbnailsManager.cs
@ -107,12 +107,12 @@ namespace Kyoo.Controllers
 			if (provider.Logo == null)
 				return provider;

-			string root = _config.GetValue<string>("peoplePath");
+			string root = _config.GetValue<string>("providerPath");
 			string localPath = Path.Combine(root, provider.Slug + ".jpg");
 			
 			Directory.CreateDirectory(root);
 			if (alwaysDownload || !File.Exists(localPath))
-				await DownloadImage(provider.Logo, localPath, $"The thumbnail of {provider.Slug}");
+				await DownloadImage(provider.Logo, localPath, $"The logo of {provider.Slug}");
 			return provider;
 		}
 		
--- a/Kyoo/Startup.cs
+++ b/Kyoo/Startup.cs
@ -191,18 +191,18 @@ namespace Kyoo

 			app.UseRouting();

-			// app.Use((ctx, next) => 
-			// {
-			// 	ctx.Response.Headers.Remove("X-Powered-By");
-			// 	ctx.Response.Headers.Remove("Server");
-			// 	ctx.Response.Headers.Add("Feature-Policy", "autoplay 'self'; fullscreen");
-			// 	ctx.Response.Headers.Add("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
-			// 	ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
-			// 	ctx.Response.Headers.Add("Referrer-Policy", "no-referrer");
-			// 	ctx.Response.Headers.Add("Access-Control-Allow-Origin", "null");
-			// 	ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
-			// 	return next();
-			// });
+			app.Use((ctx, next) => 
+			{
+				ctx.Response.Headers.Remove("X-Powered-By");
+				ctx.Response.Headers.Remove("Server");
+				ctx.Response.Headers.Add("Feature-Policy", "autoplay 'self'; fullscreen");
+				ctx.Response.Headers.Add("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
+				ctx.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
+				ctx.Response.Headers.Add("Referrer-Policy", "no-referrer");
+				ctx.Response.Headers.Add("Access-Control-Allow-Origin", "null");
+				ctx.Response.Headers.Add("X-Content-Type-Options", "nosniff");
+				return next();
+			});
 			app.UseResponseCompression();
 			app.UseCookiePolicy(new CookiePolicyOptions
 			{