mirror of
https://github.com/misskey-dev/misskey.git
synced 2024-12-23 00:29:22 +09:00
fix(server): use csp to imporve security
This commit is contained in:
parent
dad6a77645
commit
9d3448c880
@ -13,6 +13,7 @@
|
|||||||
- クライアントのデザインの調整
|
- クライアントのデザインの調整
|
||||||
|
|
||||||
### Bugfixes
|
### Bugfixes
|
||||||
|
- セキュリティの向上
|
||||||
|
|
||||||
## 12.89.0 (2021/08/21)
|
## 12.89.0 (2021/08/21)
|
||||||
|
|
||||||
|
@ -17,6 +17,10 @@ const _dirname = dirname(_filename);
|
|||||||
// Init app
|
// Init app
|
||||||
const app = new Koa();
|
const app = new Koa();
|
||||||
app.use(cors());
|
app.use(cors());
|
||||||
|
app.use(async (ctx, next) => {
|
||||||
|
ctx.set('Content-Security-Policy', `default-src 'none'; style-src 'unsafe-inline'`);
|
||||||
|
await next();
|
||||||
|
});
|
||||||
|
|
||||||
// Init router
|
// Init router
|
||||||
const router = new Router();
|
const router = new Router();
|
||||||
|
@ -10,6 +10,10 @@ import { proxyMedia } from './proxy-media';
|
|||||||
// Init app
|
// Init app
|
||||||
const app = new Koa();
|
const app = new Koa();
|
||||||
app.use(cors());
|
app.use(cors());
|
||||||
|
app.use(async (ctx, next) => {
|
||||||
|
ctx.set('Content-Security-Policy', `default-src 'none'; style-src 'unsafe-inline'`);
|
||||||
|
await next();
|
||||||
|
});
|
||||||
|
|
||||||
// Init router
|
// Init router
|
||||||
const router = new Router();
|
const router = new Router();
|
||||||
|
Loading…
Reference in New Issue
Block a user