Robin Percy rbnpercy

## server.go
package main

import (
    "net/http"
    "log"
)

func HelloServer(w http.ResponseWriter, req *http.Request) {
    w.Header().Set("Content-Type", "text/plain")
    w.Write([]byte("This is an example server.\n"))

## urls.py
# Default admin url
url(r'^admin/', admin.site.urls),

# Replace with following url
url(r'^my_secure_admin_location/', admin.site.urls),

## headers.rb
response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
response.headers["Pragma"] = "no-cache"
response.headers["Expires"] = "Sat, 01 Jan 2000 00:00:00 GMT"

## production.rb
config.action_controller.default_url_options = {host: "www.yoursite.com"}
config.action_controller.asset_host = "www.yoursite.com"

## hsts.js
function requestHandler(req, res) {
    res.setHeader('Strict-Transport-Security', 'max-age=630720; includeSubDomains; preload');
}

## x-xss.js
function requestHandler(req, res) {
    res.setHeader( 'X-XSS-Protection', '1; mode=block' );
}

## x-frame.js
function requestHandler(req, res) {
    res.setHeader( 'X-Frame-Options', 'SAMEORIGIN' );
}

## express-csp.js
var express = require('express');
var app = express();


app.use(function(req, res, next) {
    res.setHeader( "Content-Security-Policy", "script-src 'self' https://analytics.google.com" );
    return next();
});

app.use(express.static(__dirname + '/'));

## strict-csp.js
function requestHandler(req, res) {
    res.setHeader( 'Content-Security-Policy', "script-src 'self'" );
}

## disable-cache.js
function requestHandler(req, res) {
    res.setHeader( 'Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate' );
    res.setHeader( 'Pragma' , 'no-cache' );
    res.setHeader( 'Expires' , 'Sat, 01 Jan 2000 00:00:00 GMT' );
}
	package main

	import (
	"net/http"
	"log"
	)

	func HelloServer(w http.ResponseWriter, req *http.Request) {
	w.Header().Set("Content-Type", "text/plain")
	w.Write([]byte("This is an example server.\n"))
	# Default admin url
	url(r'^admin/', admin.site.urls),

	# Replace with following url
	url(r'^my_secure_admin_location/', admin.site.urls),
	response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
	response.headers["Pragma"] = "no-cache"
	response.headers["Expires"] = "Sat, 01 Jan 2000 00:00:00 GMT"
	config.action_controller.default_url_options = {host: "www.yoursite.com"}
	config.action_controller.asset_host = "www.yoursite.com"
	function requestHandler(req, res) {
	res.setHeader('Strict-Transport-Security', 'max-age=630720; includeSubDomains; preload');
	}
	function requestHandler(req, res) {
	res.setHeader( 'X-XSS-Protection', '1; mode=block' );
	}
	function requestHandler(req, res) {
	res.setHeader( 'X-Frame-Options', 'SAMEORIGIN' );
	}
	var express = require('express');
	var app = express();


	app.use(function(req, res, next) {
	res.setHeader( "Content-Security-Policy", "script-src 'self' https://analytics.google.com" );
	return next();
	});

	app.use(express.static(__dirname + '/'));
	function requestHandler(req, res) {
	res.setHeader( 'Content-Security-Policy', "script-src 'self'" );
	}
	function requestHandler(req, res) {
	res.setHeader( 'Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate' );
	res.setHeader( 'Pragma' , 'no-cache' );
	res.setHeader( 'Expires' , 'Sat, 01 Jan 2000 00:00:00 GMT' );
	}