mirror of
https://github.com/hcengineering/platform.git
synced 2024-12-23 11:31:57 +03:00
fix: configure csp (#7206)
Signed-off-by: Alexander Onnikov <Alexander.Onnikov@xored.com>
This commit is contained in:
parent
130eb2dec0
commit
872c148288
@ -113,6 +113,7 @@ async function getFileRange (
|
||||
'Accept-Ranges': 'bytes',
|
||||
'Content-Length': end - start + 1,
|
||||
'Content-Type': stat.contentType,
|
||||
'Content-Security-Policy': "default-src 'none';",
|
||||
Etag: stat.etag,
|
||||
'Last-Modified': new Date(stat.modifiedOn).toISOString()
|
||||
})
|
||||
@ -202,6 +203,7 @@ async function getFile (
|
||||
const dataStream = await ctx.with('readable', {}, (ctx) => client.get(ctx, workspace, stat._id))
|
||||
res.writeHead(200, {
|
||||
'Content-Type': stat.contentType,
|
||||
'Content-Security-Policy': "default-src 'none';",
|
||||
Etag: stat.etag,
|
||||
'Last-Modified': new Date(stat.modifiedOn).toISOString(),
|
||||
'Cache-Control': cacheControlValue,
|
||||
@ -414,6 +416,7 @@ export function start (
|
||||
res.writeHead(200, {
|
||||
'accept-ranges': 'bytes',
|
||||
'content-length': blobInfo.size,
|
||||
'content-security-policy': "default-src 'none';",
|
||||
Etag: blobInfo.etag,
|
||||
'Last-Modified': new Date(blobInfo.modifiedOn).toISOString()
|
||||
})
|
||||
|
@ -291,6 +291,7 @@ function r2MetadataHeaders (head: R2Object): Headers {
|
||||
'Accept-Ranges': 'bytes',
|
||||
'Content-Length': head.size.toString(),
|
||||
'Content-Type': head.httpMetadata.contentType ?? '',
|
||||
'Content-Security-Policy': "default-src 'none';",
|
||||
'Cache-Control': head.httpMetadata.cacheControl ?? cacheControl,
|
||||
'Last-Modified': head.uploaded.toUTCString(),
|
||||
ETag: head.httpEtag
|
||||
@ -298,6 +299,7 @@ function r2MetadataHeaders (head: R2Object): Headers {
|
||||
: new Headers({
|
||||
'Accept-Ranges': 'bytes',
|
||||
'Content-Length': head.size.toString(),
|
||||
'Content-Security-Policy': "default-src 'none';",
|
||||
'Cache-Control': cacheControl,
|
||||
'Last-Modified': head.uploaded.toUTCString(),
|
||||
ETag: head.httpEtag
|
||||
|
Loading…
Reference in New Issue
Block a user