stricter content security policy

AlecM33
2022-02-26 00:25:53 -05:00
parent 55e30b22d8
commit 916bc733c3
15 changed files with 153 additions and 58 deletions


@@ -3,6 +3,7 @@ const http = require('http');
const https = require('https');
const path = require('path');
const fs = require('fs');
const crypto = require('crypto');
const ServerBootstrapper = {
processCLIArgs: () => {
@@ -64,6 +65,15 @@ const ServerBootstrapper = {
next();
}
});
app.use(function (req, res, next) {
let nonce = crypto.randomBytes(16).toString('base64');
res.setHeader(
'Content-Security-Policy',
"default-src 'self'; font-src 'self' https://fonts.gstatic.com/; img-src 'self' https://img.buymeacoffee.com;" +
" script-src 'self' https://cdnjs.buymeacoffee.com; style-src 'self' https://cdnjs.buymeacoffee.com https://fonts.googleapis.com/ 'nonce-" + nonce + "'; frame-src 'self'"
);
next();
});
}
return main;
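Review bot: The per-request `nonce` in the new middleware is a local that only reaches the header string, so no response body can carry a matching `nonce` attribute, and the `'nonce-…'` source in `style-src` authorises nothing as written. Either expose it to whatever renders the pages, for example `res.locals.nonce = nonce;` before `next()`, or drop the nonce source so the policy states what is actually allowed. `base-uri`, `form-action` and `frame-ancestors` do not fall back to `default-src`; appending `base-uri 'self'; form-action 'self'; frame-ancestors 'self'` would cover them, provided the app's forms and embedding allow it. `nonce` is never reassigned and can be declared with `const`. The enclosing function starts above the hunk and the middleware appears to sit inside a conditional block, so it is worth confirming the header is set on every path that serves pages.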