blob: b47de25186d8a12e6c5f66f62220c89c8a84bee5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
import { NextFunction, Request, Response } from "express";
// TODO: config settings
export function CORS(req: Request, res: Response, next: NextFunction) {
res.set("Access-Control-Allow-Origin", "*");
res.set(
"Content-security-policy",
"script-src 'https://hcaptcha.com, https://*.hcaptcha.com' frame-src 'https://hcaptcha.com, https://*.hcaptcha.com' style-src 'https://hcaptcha.com, https://*.hcaptcha.com' connect-src 'https://hcaptcha.com, https://*.hcaptcha.com'"
);
res.set("Access-Control-Allow-Headers", req.header("Access-Control-Request-Headers"));
next();
}
|
