natty
/
fox-send
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tighten csp

This commit is contained in:
Danny Coates 2017-07-24 22:08:43 -07:00
parent 4b8445191b
commit 5a564e2c37
No known key found for this signature in database
GPG Key ID: 4C442633C62E00CB
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
server/server.js
View File

@ -45,20 +45,19 @@ app.use(
connectSrc: [
"'self'",
'https://sentry.prod.mozaws.net',
'https://www.google-analytics.com',
'https://ssl.google-analytics.com'
'https://www.google-analytics.com'
],
imgSrc: [
"'self'",
'https://www.google-analytics.com',
'https://ssl.google-analytics.com'
'https://www.google-analytics.com'
],
scriptSrc: ["'self'", 'https://ssl.google-analytics.com'],
scriptSrc: ["'self'"],
styleSrc: ["'self'", 'https://code.cdn.mozilla.net'],
fontSrc: ["'self'", 'https://code.cdn.mozilla.net'],
formAction: ["'none'"],
frameAncestors: ["'none'"],
objectSrc: ["'none'"]
objectSrc: ["'none'"],
reportUri: '/__cspreport__'
}
})
);