fix a chrome header issue

pull/1/head
ansuz 4 years ago
parent 3a5b334899
commit ae173d31cb

@ -106,7 +106,6 @@ var setHeaders = (function () {
return function (req, res) { return function (req, res) {
// apply a bunch of cross-origin headers for XLSX export in FF and printing elsewhere // apply a bunch of cross-origin headers for XLSX export in FF and printing elsewhere
applyHeaderMap(res, { applyHeaderMap(res, {
"Cross-Origin-Resource-Policy": 'cross-origin',
"Cross-Origin-Opener-Policy": /^\/sheet\//.test(req.url)? 'same-origin': '', "Cross-Origin-Opener-Policy": /^\/sheet\//.test(req.url)? 'same-origin': '',
"Cross-Origin-Embedder-Policy": 'require-corp', "Cross-Origin-Embedder-Policy": 'require-corp',
}); });
@ -114,6 +113,10 @@ var setHeaders = (function () {
// Don't set CSP headers on /api/config because they aren't necessary and they cause problems // Don't set CSP headers on /api/config because they aren't necessary and they cause problems
// when duplicated by NGINX in production environments // when duplicated by NGINX in production environments
if (/^\/api\/(broadcast|config)/.test(req.url)) { return; } if (/^\/api\/(broadcast|config)/.test(req.url)) { return; }
applyHeaderMap(res, {
"Cross-Origin-Resource-Policy": 'cross-origin',
});
// targeted CSP, generic policies, maybe custom headers // targeted CSP, generic policies, maybe custom headers
const h = [ const h = [
/^\/common\/onlyoffice\/.*\/index\.html.*/, /^\/common\/onlyoffice\/.*\/index\.html.*/,

Loading…
Cancel
Save