Feliday/Feliday-UI
5
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixing CSP for local dev

Browse source
This commit is contained in:
Dessalines 2020-11-25 15:06:38 -05:00
parent 235a6f2abe
commit 7ebcb0563b
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/server/index.tsx
View file

@ -84,7 +84,15 @@ server.get('/*', async (req, res) => {
return res.redirect(context.url);
}
const cspHtml = (
<meta
http-equiv="Content-Security-Policy"
content="default-src 'none'; connect-src 'self'; frame-src *; img-src *; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"
/>
);
const root = renderToString(wrapper);
const cspStr = process.env.LEMMY_EXTERNAL_HOST ? renderToString(cspHtml) : '';
const helmet = Helmet.renderStatic();
res.send(`
@ -102,7 +110,7 @@ server.get('/*', async (req, res) => {
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<!-- Content Security Policy -->
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; connect-src 'self'; frame-src *; img-src *; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'">
${cspStr}
<!-- Web app manifest -->
<link rel="manifest" href="/static/assets/manifest.webmanifest">