djoka/bentopdf
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity

fix: update Content Security Policy

Browse Source
This commit is contained in:
alam00000
2026-04-18 00:29:33 +05:30
parent b4779bb49b
commit b9f128f8c7
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
scripts/generate-security-headers.mjs
View File

@@ -55,14 +55,12 @@ const fontOrigins = uniq([ocrFontOrigin].filter(Boolean));
const directives = [
`default-src 'self'`,
`script-src 'self' 'wasm-unsafe-eval' ${scriptOrigins.join(' ')}`.trim(),
`script-src 'self' 'wasm-unsafe-eval' 'unsafe-eval' ${scriptOrigins.join(' ')}`.trim(),
`worker-src 'self' blob:`,
`style-src 'self' 'unsafe-inline'`,
`style-src 'self' 'unsafe-inline' https://fonts.googleapis.com`,
`img-src 'self' data: blob: https:`,
fontOrigins.length
? `font-src 'self' data: ${fontOrigins.join(' ')}`
: `font-src 'self' data:`,
`connect-src 'self' ${connectOrigins.join(' ')}`.trim(),
`font-src 'self' data: https://fonts.gstatic.com ${fontOrigins.join(' ')}`.trim(),
`connect-src 'self' https://api.github.com https://fonts.gstatic.com ${connectOrigins.join(' ')}`.trim(),
`object-src 'none'`,
`base-uri 'self'`,
`frame-ancestors 'self'`,