mirror of
https://github.com/QuivrHQ/quivr.git
synced 2024-12-14 17:03:29 +03:00
fix: csp (#2016)
added preview env # Description Please include a summary of the changes and the related issue. Please also include relevant motivation and context. ## Checklist before requesting a review Please delete options that are not relevant. - [ ] My code follows the style guidelines of this project - [ ] I have performed a self-review of my code - [ ] I have commented hard-to-understand areas - [ ] I have ideally added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged ## Screenshots (if appropriate):
This commit is contained in:
parent
35aa95ec34
commit
b18f45dfe1
@ -1,42 +0,0 @@
|
||||
from packages.utils.handle_request_validation_error import (
|
||||
handle_request_validation_error,
|
||||
)
|
||||
|
||||
if __name__ == "__main__":
|
||||
# import needed here when running main.py to debug backend
|
||||
# you will need to run pip install python-dotenv
|
||||
from dotenv import load_dotenv # type: ignore
|
||||
|
||||
load_dotenv()
|
||||
from fastapi import FastAPI, HTTPException
|
||||
from fastapi.responses import JSONResponse
|
||||
from logger import get_logger
|
||||
from middlewares.cors import add_cors_middleware
|
||||
from modules.chat.controller import chat_router
|
||||
from modules.misc.controller import misc_router
|
||||
|
||||
logger = get_logger(__name__)
|
||||
|
||||
app = FastAPI()
|
||||
|
||||
add_cors_middleware(app)
|
||||
|
||||
app.include_router(chat_router)
|
||||
app.include_router(misc_router)
|
||||
|
||||
|
||||
@app.exception_handler(HTTPException)
|
||||
async def http_exception_handler(_, exc):
|
||||
return JSONResponse(
|
||||
status_code=exc.status_code,
|
||||
content={"detail": exc.detail},
|
||||
)
|
||||
|
||||
|
||||
handle_request_validation_error(app)
|
||||
|
||||
if __name__ == "__main__":
|
||||
# run main.py to debug backend
|
||||
import uvicorn
|
||||
|
||||
uvicorn.run(app, host="0.0.0.0", port=5050)
|
@ -1,40 +0,0 @@
|
||||
from packages.utils import handle_request_validation_error
|
||||
|
||||
if __name__ == "__main__":
|
||||
# import needed here when running main.py to debug backend
|
||||
# you will need to run pip install python-dotenv
|
||||
from dotenv import load_dotenv # type: ignore
|
||||
|
||||
load_dotenv()
|
||||
from fastapi import FastAPI, HTTPException
|
||||
from fastapi.responses import JSONResponse
|
||||
from logger import get_logger
|
||||
from middlewares.cors import add_cors_middleware
|
||||
from modules.misc.controller import misc_router
|
||||
from routes.crawl_routes import crawl_router
|
||||
|
||||
logger = get_logger(__name__)
|
||||
app = FastAPI()
|
||||
|
||||
add_cors_middleware(app)
|
||||
|
||||
|
||||
app.include_router(crawl_router)
|
||||
app.include_router(misc_router)
|
||||
|
||||
|
||||
@app.exception_handler(HTTPException)
|
||||
async def http_exception_handler(_, exc):
|
||||
return JSONResponse(
|
||||
status_code=exc.status_code,
|
||||
content={"detail": exc.detail},
|
||||
)
|
||||
|
||||
|
||||
handle_request_validation_error(app)
|
||||
|
||||
if __name__ == "__main__":
|
||||
# run main.py to debug backend
|
||||
import uvicorn
|
||||
|
||||
uvicorn.run(app, host="0.0.0.0", port=5050)
|
@ -1,50 +0,0 @@
|
||||
import os
|
||||
|
||||
from packages.utils import handle_request_validation_error
|
||||
|
||||
if __name__ == "__main__":
|
||||
# import needed here when running main.py to debug backend
|
||||
# you will need to run pip install python-dotenv
|
||||
from dotenv import load_dotenv # type: ignore
|
||||
|
||||
load_dotenv()
|
||||
import pypandoc
|
||||
from fastapi import FastAPI, HTTPException
|
||||
from fastapi.responses import JSONResponse
|
||||
from logger import get_logger
|
||||
from middlewares.cors import add_cors_middleware
|
||||
from modules.misc.controller import misc_router
|
||||
from modules.upload.controller import upload_router
|
||||
|
||||
logger = get_logger(__name__)
|
||||
app = FastAPI()
|
||||
|
||||
|
||||
@app.on_event("startup")
|
||||
async def startup_event():
|
||||
if not os.path.exists(pypandoc.get_pandoc_path()):
|
||||
pypandoc.download_pandoc()
|
||||
|
||||
|
||||
add_cors_middleware(app)
|
||||
|
||||
|
||||
app.include_router(upload_router)
|
||||
app.include_router(misc_router)
|
||||
|
||||
|
||||
@app.exception_handler(HTTPException)
|
||||
async def http_exception_handler(_, exc):
|
||||
return JSONResponse(
|
||||
status_code=exc.status_code,
|
||||
content={"detail": exc.detail},
|
||||
)
|
||||
|
||||
|
||||
handle_request_validation_error(app)
|
||||
|
||||
if __name__ == "__main__":
|
||||
# run main.py to debug backend
|
||||
import uvicorn
|
||||
|
||||
uvicorn.run(app, host="0.0.0.0", port=5050)
|
@ -37,6 +37,8 @@ const ContentSecurityPolicy = {
|
||||
process.env.NEXT_PUBLIC_SUPABASE_URL,
|
||||
"https://api.june.so",
|
||||
"https://us.posthog.com",
|
||||
"https://preview.quivr.app",
|
||||
"https://*.vercel.app",
|
||||
process.env.NEXT_PUBLIC_FRONTEND_URL,
|
||||
],
|
||||
"connect-src": [
|
||||
@ -48,7 +50,7 @@ const ContentSecurityPolicy = {
|
||||
"https://api.openai.com",
|
||||
"https://cdn.growthbook.io",
|
||||
"https://vitals.vercel-insights.com/v1/vitals",
|
||||
"https://us.posthog.com"
|
||||
"https://us.posthog.com",
|
||||
],
|
||||
"img-src": [
|
||||
"'self'",
|
||||
@ -62,21 +64,28 @@ const ContentSecurityPolicy = {
|
||||
"https://user-images.githubusercontent.com",
|
||||
process.env.NEXT_PUBLIC_FRONTEND_URL,
|
||||
"https://quivr-cms.s3.eu-west-3.amazonaws.com",
|
||||
"https://preview.quivr.app",
|
||||
"https://*.vercel.app",
|
||||
],
|
||||
"script-src": [
|
||||
"'unsafe-inline'",
|
||||
"'unsafe-eval'",
|
||||
"https://va.vercel-scripts.com/",
|
||||
process.env.NEXT_PUBLIC_FRONTEND_URL,
|
||||
"https://preview.quivr.app",
|
||||
"https://*.vercel.app",
|
||||
"https://www.google-analytics.com/",
|
||||
"https://js.stripe.com",
|
||||
"https://us.posthog.com"
|
||||
],
|
||||
"frame-src": ["https://js.stripe.com",
|
||||
"https://us.posthog.com"
|
||||
"https://us.posthog.com",
|
||||
],
|
||||
"frame-src": ["https://js.stripe.com", "https://us.posthog.com"],
|
||||
"frame-ancestors": ["'none'"],
|
||||
"style-src": ["'unsafe-inline'", process.env.NEXT_PUBLIC_FRONTEND_URL],
|
||||
"style-src": [
|
||||
"'unsafe-inline'",
|
||||
process.env.NEXT_PUBLIC_FRONTEND_URL,
|
||||
"https://preview.quivr.app",
|
||||
"https://*.vercel.app",
|
||||
],
|
||||
};
|
||||
|
||||
// Build CSP string
|
||||
|
Loading…
Reference in New Issue
Block a user