Mirrors/whitebophir
2
0
Fork 0
mirror of https://github.com/lovasoa/whitebophir synced 2024-11-14 16:27:13 +00:00
Code Issues Projects Releases Packages Wiki Activity

add a CSP

Browse source
This commit is contained in:
Ophir LOJKINE 2018-11-27 11:07:46 +01:00
parent b11bf9fb0b
commit 7cfbb2c087
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
server/server.js
View file

@ -62,7 +62,8 @@ function handleRequest (request, response) {
// If there is no dot and no directory, parts[1] is the board name
if (parts.length === 2 && request.url.indexOf('.') === -1) {
fileserver.serveFile("board.html", 200, {}, request, response);
var headers = { "Content-Security-Policy": "default-src 'self'" };
fileserver.serveFile("board.html", 200, headers, request, response);
logRequest(request);
} else { // Else, it's a resource
request.url = "/" + parts.slice(1).join('/');
@ -92,7 +93,10 @@ function handleRequest (request, response) {
response.writeHead(404, {'Content-Type': 'application/json'});
response.end(JSON.stringify(err));
}
response.writeHead(200, {"Content-Type": "image/svg+xml"});
response.writeHead(200, {
"Content-Type": "image/svg+xml",
"Content-Security-Policy": "default-src 'self'; style-src 'unsafe-inline'"
});
response.end(svg);
});
} else {