Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
natalie
misskey-nya
Commits
9d3448c8
Commit
9d3448c8
authored
Aug 24, 2021
by
syuilo
Browse files
fix(server): use csp to imporve security
parent
dad6a776
Changes
3
Hide whitespace changes
Inline
Side-by-side
CHANGELOG.md
View file @
9d3448c8
...
...
@@ -13,6 +13,7 @@
-
クライアントのデザインの調整
### Bugfixes
-
セキュリティの向上
## 12.89.0 (2021/08/21)
...
...
src/server/file/index.ts
View file @
9d3448c8
...
...
@@ -17,6 +17,10 @@ const _dirname = dirname(_filename);
// Init app
const
app
=
new
Koa
();
app
.
use
(
cors
());
app
.
use
(
async
(
ctx
,
next
)
=>
{
ctx
.
set
(
'
Content-Security-Policy
'
,
`default-src 'none'; style-src 'unsafe-inline'`
);
await
next
();
});
// Init router
const
router
=
new
Router
();
...
...
src/server/proxy/index.ts
View file @
9d3448c8
...
...
@@ -10,6 +10,10 @@ import { proxyMedia } from './proxy-media';
// Init app
const
app
=
new
Koa
();
app
.
use
(
cors
());
app
.
use
(
async
(
ctx
,
next
)
=>
{
ctx
.
set
(
'
Content-Security-Policy
'
,
`default-src 'none'; style-src 'unsafe-inline'`
);
await
next
();
});
// Init router
const
router
=
new
Router
();
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment