Update app.py

grisuno · Jun 27, 2024 · f5cdca5 · f5cdca5
1 parent a2f43dc
commit f5cdca5
Showing 1 changed file with 14 additions and 14 deletions.
diff --git a/app.py b/app.py
@@ -96,20 +96,20 @@ def download_file(filename):
 
 @app.after_request
 def add_security_headers(response):
-    # Configuración para evitar el almacenamiento en caché
-    response.cache_control.no_cache = True
-    response.cache_control.no_store = True
-    response.cache_control.must_revalidate = True
-    response.headers['Pragma'] = 'no-cache'
-    response.headers['Expires'] = '0'
-
-    # Configuración de protección adicional de seguridad
-    response.headers['X-Content-Type-Options'] = 'nosniff'
-    response.headers['X-Frame-Options'] = 'DENY'
-    response.headers['X-XSS-Protection'] = '1; mode=block'
-
-    # Configuración de políticas de seguridad
-    response.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
+    # # Configuración para evitar el almacenamiento en caché
+    # response.cache_control.no_cache = True
+    # response.cache_control.no_store = True
+    # response.cache_control.must_revalidate = True
+    # response.headers['Pragma'] = 'no-cache'
+    # response.headers['Expires'] = '0'
+
+    # # Configuración de protección adicional de seguridad
+    # response.headers['X-Content-Type-Options'] = 'nosniff'
+    # response.headers['X-Frame-Options'] = 'DENY'
+    # response.headers['X-XSS-Protection'] = '1; mode=block'
+
+    # # Configuración de políticas de seguridad
+    # response.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
 
 
     return response