|
|
|
|
|
|
by derekzhouzhen
1655 days ago
|
|
|
Let me put all suggestions on this together. They should be fairly easy to implement and will enhance the usefulness and security of this feature: * You should support HTTP HEAD request * You should infer MIME type from language selections and set Content-Type header as much as possible. If there is none, the default shall be text/plain not text/html * You should set `Content-Security-Policy: sandbox` HTTP header so people cannot use your service to do malicious stuff * You should set `Access-Control-Allow-Origin: *` so it can be used in pure client-side JAMStack applications |
|
|