Merge branch 'csp-header' into 'develop'

Add Content-Security-Policy header

See merge request pleroma/pleroma-fe!856
This commit is contained in:
HJ 2019-07-10 18:44:27 +00:00
commit 0a7c60c303

View file

@ -24,6 +24,9 @@ var devMiddleware = require('webpack-dev-middleware')(compiler, {
stats: { stats: {
colors: true, colors: true,
chunks: false chunks: false
},
headers: {
'content-security-policy': "base-uri 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; script-src 'self' 'unsafe-eval';"
} }
}) })