|
|
|
|
@ -36,11 +36,11 @@ Default.commonCSP = function (domain) {
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Default.contentSecurity = function (domain) {
|
|
|
|
|
return (Default.commonCSP(domain).join('; ') + "script-src 'self' " + domain).replace(/\s+/g, ' ');
|
|
|
|
|
return (Default.commonCSP(domain).join('; ') + "script-src 'self' resource: " + domain).replace(/\s+/g, ' ');
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Default.padContentSecurity = function (domain) {
|
|
|
|
|
return (Default.commonCSP(domain).join('; ') + "script-src 'self' 'unsafe-eval' 'unsafe-inline' " + domain).replace(/\s+/g, ' ');
|
|
|
|
|
return (Default.commonCSP(domain).join('; ') + "script-src 'self' 'unsafe-eval' 'unsafe-inline' resource: " + domain).replace(/\s+/g, ' ');
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Default.httpHeaders = function () {
|
|
|
|
|
|
ansuz
5 years ago