moparisthebest
/
mail
mirror of https://github.com/moparisthebest/mail
1
0
Fork 0
Code Issues Releases Wiki Activity

fix csp for prdouction web server

This commit is contained in:
Tankred Hase 2013-09-27 16:17:38 +02:00
parent 01902f1fe4
commit 7b16d6b713
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Gruntfile.js
View File

@ -20,20 +20,20 @@ module.exports = function(grunt) {
prod: { prod: {
options: { options: {
port: process.env.PORT || 8585, port: process.env.PORT || 8585,
base: './src/', base: './dist/',
keepalive: true, keepalive: true,
middleware: function(connect, options) { middleware: function(connect, options) {
// Return array of whatever middlewares you want // Return array of whatever middlewares you want
return [function(req, res, next) { return [
res.setHeader('Content-Security-Policy', "default-src 'self'; script-src 'self' 'unsafe-eval'; connect-src *; object-src 'none'; style-src 'self' 'unsafe-inline'"); function(req, res, next) {
res.setHeader('X-Content-Security-Policy', "default-src *; script-src 'self' 'unsafe-eval'; options eval-script; object-src 'none'; style-src 'self' 'unsafe-inline'"); res.setHeader('Content-Security-Policy', "default-src 'self'; connect-src *; object-src 'none'; style-src 'self' 'unsafe-inline'");
res.setHeader('X-WebKit-CSP', "default-src 'self'; script-src 'self' 'unsafe-eval'; connect-src *; object-src 'none'; style-src 'self' 'unsafe-inline'");
return next(); return next();
}, },
// Serve static files. // Serve static files.
connect.static(options.base)]; connect.static(options.base)
];
} }
} }
} }