More fixes

This commit is contained in:
Thomas Sileo 2022-06-29 22:20:01 +02:00
parent f560821be0
commit c2be8ba053
2 changed files with 12 additions and 2 deletions

View file

@ -204,7 +204,11 @@ async def admin_inbox(
await db_session.scalars(
q.options(
joinedload(models.InboxObject.relates_to_inbox_object),
joinedload(models.InboxObject.relates_to_outbox_object),
joinedload(models.InboxObject.relates_to_outbox_object).options(
joinedload(
models.OutboxObject.outbox_object_attachments
).options(joinedload(models.OutboxObjectAttachment.upload)),
),
joinedload(models.InboxObject.actor),
)
.order_by(models.InboxObject.ap_published_at.desc())

View file

@ -116,7 +116,13 @@ async def request_middleware(request, call_next):
@app.middleware("http")
async def add_security_headers(request: Request, call_next):
try:
response = await call_next(request)
except RuntimeError as exc:
# https://github.com/encode/starlette/discussions/1527#discussioncomment-2234702
if await request.is_disconnected() and str(exc) == "No response returned.":
return Response(status_code=204)
response.headers["referrer-policy"] = "no-referrer, strict-origin-when-cross-origin"
response.headers["x-content-type-options"] = "nosniff"
response.headers["x-xss-protection"] = "1; mode=block"