Skip to content

Commit

Permalink
Add frame-ancestor and cloudflare insights to CSP
Browse files Browse the repository at this point in the history
  • Loading branch information
@elifmeric
elifmeric committed Nov 5, 2024
1 parent a081c8a commit 83ae204
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@migroscomtr/prpl-server",
"version": "1.4.56",
"version": "1.4.57",
"description": "A Node implementation of the PRPL pattern for serving Progressive Web Apps",
"repository": "[email protected]:migroscomtr/prpl-server.git",
"main": "lib/prpl.js",
Expand Down
2 changes: 1 addition & 1 deletion src/prpl.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,7 @@ export function makeHandler(root?: string, config?: Config): (
+ "font-src 'self' data: https://fonts.gstatic.com ; "
+ `img-src data: blob: 'self' 'unsafe-inline' https://*.migrosone.com ${imageSrcAllowedHosts.join(' ')} ; `
+ `frame-src ${frameSrcAllowedHosts.join(' ')} ; `
+ "frame-ancestor 'self https://*.migros.com.tr"
+ "frame-ancestors 'self' https://*.migros.com.tr ; "
+ `style-src 'self' 'unsafe-inline' ${styleSrcAllowedHosts.join(' ')} ;`
+ `manifest-src 'self' ; `
+ "worker-src 'self' blob: ;"
Expand Down

0 comments on commit 83ae204

Please sign in to comment.