Blankie/pastel.codes
1
0
Fork 0
mirror of https://github.com/aurora-dot/pastel.codes.git synced 2024-11-22 08:12:19 +00:00
Code Issues Projects Releases Wiki Activity

Fined another tiny CSP bug

Browse Source
This commit is contained in:
Esther 2021-01-03 23:33:59 +00:00
parent 728e513382
commit 76e4a24da1
No known key found for this signature in database
GPG Key ID: 162A307C5EBD40EA
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app.js
View File

@ -31,7 +31,7 @@ app.use(
helmet.contentSecurityPolicy({ helmet.contentSecurityPolicy({
directives: { directives: {
defaultSrc: ["'self'"], defaultSrc: ["'self'"],
scriptSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com", "https://cdn.ravenjs.com/"], scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "https://hcaptcha.com", "https://*.hcaptcha.com", "https://cdn.ravenjs.com/"],
imgSrc: ["'self'", "https://blog.pastel.codes", "https://static.ghost.org", "https://secure.gravatar.com"], imgSrc: ["'self'", "https://blog.pastel.codes", "https://static.ghost.org", "https://secure.gravatar.com"],
styleSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com"], styleSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com"],
fontSrc: ["'self'", "data:"], fontSrc: ["'self'", "data:"],