public/api_builder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified: backend/src/server.ts

Browse Source
This commit is contained in:
GEgorov
2025-10-07 00:25:09 +03:00
parent d02325ca29
commit 548b7b35c0
1 changed files with 7 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
backend/src/server.ts
View File

@@ -26,23 +26,13 @@ const app: Express = express();
// Trust proxy if behind reverse proxy (nginx, apache, etc) // Trust proxy if behind reverse proxy (nginx, apache, etc)
app.set('trust proxy', true); app.set('trust proxy', true);
// Middleware // Middleware - Helmet disabled for HTTP internal use
app.use(helmet({ // app.use(helmet({
contentSecurityPolicy: config.nodeEnv === 'production' ? { // contentSecurityPolicy: false,
directives: { // crossOriginOpenerPolicy: false,
defaultSrc: ["'self'"], // crossOriginResourcePolicy: false,
scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "blob:"], // crossOriginEmbedderPolicy: false,
workerSrc: ["'self'", "blob:"], // }));
styleSrc: ["'self'", "'unsafe-inline'"],
imgSrc: ["'self'", "data:", "blob:"],
fontSrc: ["'self'", "data:"],
connectSrc: ["'self'"],
},
} : false,
crossOriginOpenerPolicy: false,
crossOriginResourcePolicy: false,
crossOriginEmbedderPolicy: false,
}));
app.use(cors()); app.use(cors());
app.use(express.json()); app.use(express.json());
app.use(express.urlencoded({ extended: true })); app.use(express.urlencoded({ extended: true }));