diff options
| author | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-09-26 22:29:30 +1000 |
|---|---|---|
| committer | Madeline <46743919+MaddyUnderStars@users.noreply.github.com> | 2022-09-26 22:41:21 +1000 |
| commit | 99ee7e9400f06e8718612d8b52d15215dc620774 (patch) | |
| tree | 08de8c5d3985b9c2eaa419f5198f891ecd82d012 /src/cdn/Server.ts | |
| parent | Remove the cdn storage location log (diff) | |
| download | server-99ee7e9400f06e8718612d8b52d15215dc620774.tar.xz | |
Prettier
Diffstat (limited to 'src/cdn/Server.ts')
| -rw-r--r-- | src/cdn/Server.ts | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/cdn/Server.ts b/src/cdn/Server.ts index 5b395589..f7e6dbdc 100644 --- a/src/cdn/Server.ts +++ b/src/cdn/Server.ts @@ -5,7 +5,7 @@ import avatarsRoute from "./routes/avatars"; import iconsRoute from "./routes/role-icons"; import bodyParser from "body-parser"; -export interface CDNServerOptions extends ServerOptions { } +export interface CDNServerOptions extends ServerOptions {} export class CDNServer extends Server { public declare options: CDNServerOptions; @@ -22,15 +22,15 @@ export class CDNServer extends Server { // TODO: use better CSP policy res.set( "Content-security-policy", - "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';" + "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';", ); res.set( "Access-Control-Allow-Headers", - req.header("Access-Control-Request-Headers") || "*" + req.header("Access-Control-Request-Headers") || "*", ); res.set( "Access-Control-Allow-Methods", - req.header("Access-Control-Request-Methods") || "*" + req.header("Access-Control-Request-Methods") || "*", ); next(); }); |