diff --git a/server/front/src/index.ts b/server/front/src/index.ts
index 70ebeaddbe..e77d34000d 100644
--- a/server/front/src/index.ts
+++ b/server/front/src/index.ts
@@ -113,6 +113,7 @@ async function getFileRange (
 'Accept-Ranges': 'bytes',
 'Content-Length': end - start + 1,
 'Content-Type': stat.contentType,
+ 'Content-Security-Policy': "default-src 'none';",
 Etag: stat.etag,
 'Last-Modified': new Date(stat.modifiedOn).toISOString()
 })
@@ -202,6 +203,7 @@ async function getFile (
 const dataStream = await ctx.with('readable', {}, (ctx) => client.get(ctx, workspace, stat._id))
 res.writeHead(200, {
 'Content-Type': stat.contentType,
+ 'Content-Security-Policy': "default-src 'none';",
 Etag: stat.etag,
 'Last-Modified': new Date(stat.modifiedOn).toISOString(),
 'Cache-Control': cacheControlValue,
@@ -414,6 +416,7 @@ export function start (
 res.writeHead(200, {
 'accept-ranges': 'bytes',
 'content-length': blobInfo.size,
+ 'content-security-policy': "default-src 'none';",
 Etag: blobInfo.etag,
 'Last-Modified': new Date(blobInfo.modifiedOn).toISOString()
 })
diff --git a/workers/datalake/src/blob.ts b/workers/datalake/src/blob.ts
index 9742277b92..2c637b8ae5 100644
--- a/workers/datalake/src/blob.ts
+++ b/workers/datalake/src/blob.ts
@@ -291,6 +291,7 @@ function r2MetadataHeaders (head: R2Object): Headers {
 'Accept-Ranges': 'bytes',
 'Content-Length': head.size.toString(),
 'Content-Type': head.httpMetadata.contentType ?? '',
+ 'Content-Security-Policy': "default-src 'none';",
 'Cache-Control': head.httpMetadata.cacheControl ?? cacheControl,
 'Last-Modified': head.uploaded.toUTCString(),
 ETag: head.httpEtag
@@ -298,6 +299,7 @@ function r2MetadataHeaders (head: R2Object): Headers {
 : new Headers({
 'Accept-Ranges': 'bytes',
 'Content-Length': head.size.toString(),
+ 'Content-Security-Policy': "default-src 'none';",
 'Cache-Control': cacheControl,
 'Last-Modified': head.uploaded.toUTCString(),
 ETag: head.httpEtag
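Review bot: `default-src 'none'` alone leaves gaps when a stored HTML or SVG file is opened as a top-level document, because `form-action`, `base-uri` and `frame-ancestors` do not fall back to `default-src` and the document still runs in the serving origin. Adding `sandbox` covers these: `'Content-Security-Policy': "default-src 'none'; sandbox",` here and for the same header in `getFile`, `start` and both branches of `r2MetadataHeaders`. `sandbox` can interfere with in-browser viewers for some content types, so the preview paths should be tested with it. The header object and `getFileRange` itself begin outside the hunk.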
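Review bot: An empty or absent `Content-Type` leaves the browser free to sniff the body, and `r2MetadataHeaders` produces both cases: this branch falls back to `''` when `contentType` is unset, and the branch in the next hunk sets no type at all. Unless a caller already adds it, `'X-Content-Type-Options': 'nosniff',` belongs next to the new CSP line in both branches, and the fallback reads better as `head.httpMetadata.contentType ?? 'application/octet-stream'`. The three `writeHead` calls in server/front/src/index.ts show no `nosniff` either, though their header objects are only partly visible. The `new Headers({` call opens outside the hunk.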
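Review bot: The two `Headers` literals in `r2MetadataHeaders` now repeat the same entries apart from `Content-Type` and `Cache-Control`, so every security header has to be added twice and the branches can drift apart. Building the shared entries once and adding the per-branch ones afterwards would keep them in step, with the policy held in a named module constant such as `const BLOB_CSP = "default-src 'none';"` (name constructed for illustration). The same literal is also written three times in server/front/src/index.ts, once with a lower-case header name. The conditional expression starts outside the hunk.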