From 633a31972e61f6c309a9c6768206e741f079d0f0 Mon Sep 17 00:00:00 2001 From: Sumeng Wang Date: Thu, 10 Aug 2023 10:45:05 -0700 Subject: [PATCH] disable upgradeInsecureRequests --- server/express.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/express.js b/server/express.js index ab1ff16313a..da70316e5c0 100644 --- a/server/express.js +++ b/server/express.js @@ -184,6 +184,7 @@ function makeApp(authAddress, cdapConfig, uiSettings) { objectSrc: [`'none'`], workerSrc: [`'self' blob:`], reportUri: `https://csp.withgoogle.com/csp/cdap`, + upgradeInsecureRequests: null, }, }, hsts: cdapConfig["hsts.enabled"] === 'true' && hstsSettings,