-
Notifications
You must be signed in to change notification settings - Fork 66
/
Copy pathCaddyfile
109 lines (102 loc) · 4.34 KB
/
Caddyfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# Global caddy config options must be first
{
admin off
auto_https off
}
# Bind to port 82
:82
# Serve static files
file_server
# Fallback to index.html for everything but assets
@html {
not path *.js *.css *.png *.svg *.ttf *.woff2
file index.html
}
handle_errors {
header Cache-Control no-store
}
rewrite @html {http.matchers.file.relative}
# Don't cache index.html and set CSP
header @html Cache-Control no-store
header @html Content-Security-Policy "
default-src 'self';
connect-src
{$DOMAIN:https://node.deso.org}/api/v0/get-users-stateless
{$DOMAIN:https://node.deso.org}/api/v0/get-app-state
{$DOMAIN:https://node.deso.org}/api/v0/jumio-begin
{$DOMAIN:https://node.deso.org}/api/v0/jumio-flow-finished
{$DOMAIN:https://node.deso.org}/api/v0/get-referral-info-for-referral-hash
{$DOMAIN:https://node.deso.org}/api/v0/get-user-derived-keys
{$DOMAIN:https://node.deso.org}/api/v0/get-transaction-spending
{$DOMAIN:https://node.deso.org}/api/v0/send-phone-number-verification-text
{$DOMAIN:https://node.deso.org}/api/v0/submit-phone-number-verification-code
{$DOMAIN:https://node.deso.org}/api/v0/get-transaction-spending-limit-hex-string
{$DOMAIN:https://node.deso.org}/api/v0/get-transaction-spending-limit-response-from-hex/
{$DOMAIN:https://node.deso.org}/api/v0/get-single-post
{$DOMAIN:https://node.deso.org}/api/v0/get-exchange-rate
{$DOMAIN:https://node.deso.org}/api/v0/query-eth-rpc
{$DOMAIN:https://node.deso.org}/api/v0/submit-eth-tx
{$DOMAIN:https://node.deso.org}/api/v0/get-access-bytes
{$DOMAIN:https://node.deso.org}/api/v0/send-starter-deso-for-metamask-account
{$DOMAIN:https://node.deso.org}/api/v0/authorize-derived-key
{$DOMAIN:https://node.deso.org}/api/v0/get-txn
{$DOMAIN:https://node.deso.org}/api/v0/verify-captcha
{$DOMAIN:https://node.deso.org}/api/v0/get-bulk-messaging-public-keys
{$DOMAIN:https://node.deso.org}/api/v0/submit-transaction
https://test.deso.org/api/v0/get-users-stateless
https://test.deso.org/api/v0/get-app-state
https://test.deso.org/api/v0/jumio-begin
https://test.deso.org/api/v0/jumio-flow-finished
https://test.deso.org/api/v0/get-referral-info-for-referral-hash
https://test.deso.org/api/v0/get-user-derived-keys
https://test.deso.org/api/v0/get-transaction-spending
https://test.deso.org/api/v0/send-phone-number-verification-text
https://test.deso.org/api/v0/submit-phone-number-verification-code
https://test.deso.org/api/v0/get-transaction-spending-limit-hex-string
https://test.deso.org/api/v0/get-transaction-spending-limit-response-from-hex/
https://test.deso.org/api/v0/get-single-post
https://test.deso.org/api/v0/get-exchange-rate
https://test.deso.org/api/v0/query-eth-rpc
https://test.deso.org/api/v0/submit-eth-tx
https://test.deso.org/api/v0/get-access-bytes
https://test.deso.org/api/v0/send-starter-deso-for-metamask-account
https://test.deso.org/api/v0/authorize-derived-key
https://test.deso.org/api/v0/get-txn
https://test.deso.org/api/v0/verify-captcha
https://test.deso.org/api/v0/get-bulk-messaging-public-keys
https://test.deso.org/api/v0/submit-transaction
https://www.googleapis.com/drive/v3/files
https://www.googleapis.com/drive/v3/files/
https://www.googleapis.com/upload/drive/v3/files
https://desoverification.com/api/v0/verify-captcha
https://api.blockchain.com/mempool/fees
https://registry.walletconnect.com/
https://explorer-api.walletconnect.com/
wss://relay.walletconnect.com/;
img-src 'self'
{$DOMAIN:https://node.deso.org}/api/v0/get-single-profile-picture/
https://test.deso.org/api/v0/get-single-profile-picture/
i.imgur.com
images.deso.org
images.bitclout.com
arweave.net
*.arweave.net
*.pearl.app
cloudflare-ipfs.com
https://explorer-api.walletconnect.com/;
style-src 'self' 'unsafe-inline'
https://fonts.googleapis.com
https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css;
font-src 'self'
https://fonts.googleapis.com
https://fonts.gstatic.com
https://ka-f.fontawesome.com;
frame-src 'self'
heroswap.com
https://verify.walletconnect.com
https://iframe.videodelivery.net
https://hcaptcha.com/
https://*.hcaptcha.com/;
script-src 'self'
https://hcaptcha.com
https://*.hcaptcha.com;"