diff options
author | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-09-26 22:29:30 +1000 |
---|---|---|
committer | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-09-26 22:41:21 +1000 |
commit | dbaf39237ae3a41b6b1ac6a6cd3486129599b815 (patch) | |
tree | 350cca4889d0804445eddbd8467d274b27307776 /src/cdn/Server.ts | |
parent | Remove the cdn storage location log (diff) | |
download | server-dbaf39237ae3a41b6b1ac6a6cd3486129599b815.tar.xz |
Prettier
Diffstat (limited to 'src/cdn/Server.ts')
-rw-r--r-- | src/cdn/Server.ts | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/cdn/Server.ts b/src/cdn/Server.ts index 5b395589..f7e6dbdc 100644 --- a/src/cdn/Server.ts +++ b/src/cdn/Server.ts @@ -5,7 +5,7 @@ import avatarsRoute from "./routes/avatars"; import iconsRoute from "./routes/role-icons"; import bodyParser from "body-parser"; -export interface CDNServerOptions extends ServerOptions { } +export interface CDNServerOptions extends ServerOptions {} export class CDNServer extends Server { public declare options: CDNServerOptions; @@ -22,15 +22,15 @@ export class CDNServer extends Server { // TODO: use better CSP policy res.set( "Content-security-policy", - "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';" + "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';", ); res.set( "Access-Control-Allow-Headers", - req.header("Access-Control-Request-Headers") || "*" + req.header("Access-Control-Request-Headers") || "*", ); res.set( "Access-Control-Allow-Methods", - req.header("Access-Control-Request-Methods") || "*" + req.header("Access-Control-Request-Methods") || "*", ); next(); }); |