🔧 fix: add Content Security Policy (CSP) for dev mode too

2025-01-06 01:27:24 +03:00 · 2023-10-14 12:45:42 +02:00 · 2023-10-14 12:45:42 +02:00 · 53116d4740
commit 53116d4740
parent 53186737d5
1 changed files with 9 additions and 0 deletions
--- a/packages/tauri/tauri.conf.json
+++ b/packages/tauri/tauri.conf.json
@ -53,6 +53,15 @@
            ],
            "targets": ["app", "dmg", "appimage", "deb", "updater"]
        },
+        "security": {
+            "csp": {
+                "default-src": "'self'",
+                "img-src": "'self' asset: https://asset.localhost data: https://www.gravatar.com tauri://localhost https://avatars.githubusercontent.com",
+                "connect-src": "'self' https://eu.posthog.com https://app.gitbutler.com https://o4504644069687296.ingest.sentry.io ws://localhost:7703 https://github.com",
+                "script-src": "'self' https://eu.posthog.com",
+                "style-src": "'self' 'unsafe-inline'"
+            }
+        },
        "systemTray": {
            "iconPath": "icons/tray.png",
            "iconAsTemplate": true