Commit 9d3448c8 authored by syuilo's avatar syuilo
Browse files

fix(server): use csp to imporve security

parent dad6a776
......@@ -13,6 +13,7 @@
- クライアントのデザインの調整
### Bugfixes
- セキュリティの向上
## 12.89.0 (2021/08/21)
......
......@@ -17,6 +17,10 @@ const _dirname = dirname(_filename);
// Init app
const app = new Koa();
app.use(cors());
app.use(async (ctx, next) => {
ctx.set('Content-Security-Policy', `default-src 'none'; style-src 'unsafe-inline'`);
await next();
});
// Init router
const router = new Router();
......
......@@ -10,6 +10,10 @@ import { proxyMedia } from './proxy-media';
// Init app
const app = new Koa();
app.use(cors());
app.use(async (ctx, next) => {
ctx.set('Content-Security-Policy', `default-src 'none'; style-src 'unsafe-inline'`);
await next();
});
// Init router
const router = new Router();
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment