Skip to content
Snippets Groups Projects

Add Content-Security-Policy header

Merged Add Content-Security-Policy header
feature/dev-csp-headers into master
Merged feld requested to merge feature/dev-csp-headers into master
Compare
and
1 file
+ 3
0
Compare changes
  • Side-by-side
  • Inline
build/webpack.dev.conf.js
+ 3
0
@@ -46,6 +46,9 @@ const devWebpackConfig = merge(baseWebpackConfig, {
quiet: true, // necessary for FriendlyErrorsPlugin
watchOptions: {
poll: config.dev.poll
},
headers: {
'content-security-policy': "base-uri 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; script-src 'self';"
}
},
plugins: [