admin/sena_db_api_layer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update
All checks were successful
Deploy to Production / deploy (push) Successful in 20s
Details

Browse Source
This commit is contained in:
silverpro89
2026-01-28 20:34:15 +07:00
parent f8a8923cd9
commit 41cfb533d5
3 changed files with 666 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app.js
View File

@@ -53,10 +53,11 @@ app.use(helmet({
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
scriptSrc: ["'self'", "'unsafe-inline'"], // Allow inline scripts for Swagger UI
styleSrc: ["'self'", "'unsafe-inline'"], // Allow inline styles for Swagger UI
imgSrc: ["'self'", "data:", "https:", "validator.swagger.io"], // Allow Swagger validator
connectSrc: ["'self'"],
scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'"], // Allow inline scripts
scriptSrcAttr: ["'unsafe-inline'"], // Allow inline event handlers
styleSrc: ["'self'", "'unsafe-inline'"], // Allow inline styles
imgSrc: ["'self'", "data:", "https:", "http:", "validator.swagger.io"], // Allow all images
connectSrc: ["'self'", "http://senaai.tech:10000", "https://senaai.tech"], // Allow API calls
fontSrc: ["'self'"],
objectSrc: ["'none'"],
mediaSrc: ["'self'"],