versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 08:28:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix CSP

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-04-07 02:02:11 -10:00
parent e20454bf58
commit 0f07ca94a3
No known key found for this signature in database
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
utils/response.ts
View file

@ -20,7 +20,7 @@ export const jsonResponse = (
"Link,X-RateLimit-Reset,X-RateLimit-Limit,X-RateLimit-Remaining,X-Request-Id,Idempotency-Key",
// CSP should follow Content Security Policy directive: "connect-src 'self' blob: https: wss:".
"Content-Security-Policy":
"default-src 'self'; connect-src 'self' blob: https: wss:; frame-ancestors 'none';",
"default-src 'none'; frame-ancestors 'none'; form-action 'none'",
...headers,
},
status,