Matiss/Final-Year-Project
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(sim): allow jsdelivr script under helmet CSP

Browse Source
This commit is contained in:
Matiss Jurevics
2026-01-28 11:15:00 +00:00
parent 8c902f989f
commit f6d3b8a551
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Backend/index.ts
View File

@@ -43,7 +43,15 @@ app.use('/docs', swaggerUi.serve, swaggerUi.setup(openApiDocument));
app.all('/api/auth/*splat', toNodeHandler(auth)); app.all('/api/auth/*splat', toNodeHandler(auth));
app.use(helmet()); app.use(
helmet({
contentSecurityPolicy: {
directives: {
scriptSrc: ["'self'", 'https://cdn.jsdelivr.net'],
},
},
}),
);
app.use( app.use(
cors({ cors({
origin: trustedOrigins.length > 0 ? trustedOrigins : true, origin: trustedOrigins.length > 0 ? trustedOrigins : true,