Merge branch 'csp-header' into 'develop' - pleroma-fe - My custom branche(s) on git.pleroma.social/pleroma/pleroma-fe

commit: 0a7c60c30376dfa0bb3058b16f0e59485f5397c6
parent: cf2dc5b68336b858c5acb701a5a5549d09a2ccc8
Author: HJ <30-hj@users.noreply.git.pleroma.social>
Date:   Wed, 10 Jul 2019 18:44:27 +0000

Merge branch 'csp-header' into 'develop'

Add Content-Security-Policy header

See merge request pleroma/pleroma-fe!856
Diffstat:
M build/dev-server.js 3 +++

1 file changed, 3 insertions(+), 0 deletions(-)
diff --git a/build/dev-server.js b/build/dev-server.js
@@ -24,6 +24,9 @@ var devMiddleware = require('webpack-dev-middleware')(compiler, {
   stats: {
     colors: true,
     chunks: false
+  },
+  headers: {
+    'content-security-policy': "base-uri 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; script-src 'self' 'unsafe-eval';"
   }
 })