Commit 0a7c60c3 authored by HJ's avatar HJ 🐼

Merge branch 'csp-header' into 'develop'

Add Content-Security-Policy header

See merge request pleroma/pleroma-fe!856
parents cf2dc5b6 34d95454
......@@ -24,6 +24,9 @@ var devMiddleware = require('webpack-dev-middleware')(compiler, {
stats: {
colors: true,
chunks: false
headers: {
'content-security-policy': "base-uri 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; script-src 'self' 'unsafe-eval';"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment