:art: added optional captcha to login route

author: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> 2021-05-01 13:54:12 +0200
committer: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> 2021-05-01 13:54:12 +0200
commit: bbeab4da65c245cb6083554a44fa12293902424d (patch)
tree: d964467f79a2abe45eeacd9dd35d9d2670ce99ff /src/middlewares
parent: :sparkles: Channel get Route (diff)
download: server-ts-bbeab4da65c245cb6083554a44fa12293902424d.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/src/middlewares/CORS.ts b/src/middlewares/CORS.ts
index 336051bd..b47de251 100644
--- a/src/middlewares/CORS.ts
+++ b/src/middlewares/CORS.ts
@@ -4,4 +4,11 @@ import { NextFunction, Request, Response } from "express";
 
 export function CORS(req: Request, res: Response, next: NextFunction) {
 	res.set("Access-Control-Allow-Origin", "*");
+	res.set(
+		"Content-security-policy",
+		"script-src 'https://hcaptcha.com, https://*.hcaptcha.com' frame-src 'https://hcaptcha.com, https://*.hcaptcha.com' style-src 'https://hcaptcha.com, https://*.hcaptcha.com' connect-src 'https://hcaptcha.com, https://*.hcaptcha.com'"
+	);
+	res.set("Access-Control-Allow-Headers", req.header("Access-Control-Request-Headers"));
+
+	next();
 }
author	Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>	2021-05-01 13:54:12 +0200
committer	Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>	2021-05-01 13:54:12 +0200
commit	bbeab4da65c245cb6083554a44fa12293902424d (patch)
tree	d964467f79a2abe45eeacd9dd35d9d2670ce99ff /src/middlewares
parent	:sparkles: Channel get Route (diff)
download	server-ts-bbeab4da65c245cb6083554a44fa12293902424d.tar.xz