mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-29 06:13:34 -05:00
Merge pull request #7105 from overleaf/jpa-static-no-csp
[web] remove CSP header from static assets GitOrigin-RevId: 2f12974f490ff22796ed74c38a466fe4649877c1
This commit is contained in:
parent
224edddad4
commit
29aa7c622a
3 changed files with 8 additions and 5 deletions
|
@ -93,4 +93,10 @@ function relativeViewPath(view) {
|
|||
: path.join('app', 'views', view)
|
||||
}
|
||||
|
||||
function removeCSPHeaders(res) {
|
||||
res.removeHeader('Content-Security-Policy')
|
||||
res.removeHeader('Content-Security-Policy-Report-Only')
|
||||
}
|
||||
|
||||
module.exports.buildDefaultPolicy = buildDefaultPolicy
|
||||
module.exports.removeCSPHeaders = removeCSPHeaders
|
||||
|
|
|
@ -121,11 +121,13 @@ webRouter.get(
|
|||
'/serviceWorker.js',
|
||||
express.static(Path.join(__dirname, '/../../../public'), {
|
||||
maxAge: oneDayInMilliseconds,
|
||||
setHeaders: csp.removeCSPHeaders,
|
||||
})
|
||||
)
|
||||
webRouter.use(
|
||||
express.static(Path.join(__dirname, '/../../../public'), {
|
||||
maxAge: STATIC_CACHE_AGE,
|
||||
setHeaders: csp.removeCSPHeaders,
|
||||
})
|
||||
)
|
||||
app.set('views', Path.join(__dirname, '/../../views'))
|
||||
|
|
|
@ -3,7 +3,6 @@ const merge = require('webpack-merge')
|
|||
const MiniCssExtractPlugin = require('mini-css-extract-plugin')
|
||||
|
||||
const base = require('./webpack.config')
|
||||
const { buildDefaultPolicy } = require('./app/src/infrastructure/CSP')
|
||||
|
||||
module.exports = merge(base, {
|
||||
mode: 'development',
|
||||
|
@ -31,10 +30,6 @@ module.exports = merge(base, {
|
|||
port: 3808,
|
||||
public: 'www.dev-overleaf.com:443',
|
||||
|
||||
headers: {
|
||||
'Content-Security-Policy': buildDefaultPolicy(),
|
||||
},
|
||||
|
||||
// Customise output to the (node) console
|
||||
stats: {
|
||||
colors: true, // Enable some coloured highlighting
|
||||
|
|
Loading…
Reference in a new issue