mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-22 19:07:54 +01:00
fix: make sure our CSP allow gravatar.com for images
This commit is contained in:
parent
12e78663b0
commit
4a5b332567
@ -13,7 +13,7 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
|
||||
},
|
||||
contentSecurityPolicy: {
|
||||
directives: {
|
||||
defaultSrc: ["'self'", 'cdn.getunleash.io'],
|
||||
defaultSrc: ["'self'", 'cdn.getunleash.io', 'gravatar.com'],
|
||||
fontSrc: [
|
||||
"'self'",
|
||||
'cdn.getunleash.io',
|
||||
@ -37,6 +37,7 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
|
||||
],
|
||||
},
|
||||
},
|
||||
crossOriginEmbedderPolicy: false,
|
||||
});
|
||||
}
|
||||
return (req, res, next) => {
|
||||
|
@ -24,6 +24,7 @@ process.nextTick(async () => {
|
||||
},
|
||||
logLevel: LogLevel.debug,
|
||||
enableOAS: true,
|
||||
// secureHeaders: true,
|
||||
versionCheck: {
|
||||
enable: false,
|
||||
},
|
||||
|
Loading…
Reference in New Issue
Block a user