mirror of
https://github.com/usebruno/bruno.git
synced 2024-12-23 07:09:01 +01:00
fix: Fix Content-Security-Policy config
This commit is contained in:
parent
8fb8eee5ef
commit
5be12543e5
@ -14,16 +14,18 @@ const { loadWindowState, saveBounds, saveMaximized } = require('./utils/window')
|
|||||||
|
|
||||||
const lastOpenedCollections = new LastOpenedCollections();
|
const lastOpenedCollections = new LastOpenedCollections();
|
||||||
|
|
||||||
|
// Reference: https://content-security-policy.com/
|
||||||
const contentSecurityPolicy = [
|
const contentSecurityPolicy = [
|
||||||
isDev ? "default-src 'self' 'unsafe-inline' 'unsafe-eval'" : "default-src 'self'",
|
"default-src 'self'",
|
||||||
"connect-src 'self' https://api.github.com/repos/usebruno/bruno",
|
"script-src * 'unsafe-inline' 'unsafe-eval'",
|
||||||
"font-src 'self' https://fonts.gstatic.com",
|
"connect-src 'self' api.github.com",
|
||||||
|
"font-src 'self' https:",
|
||||||
"form-action 'none'",
|
"form-action 'none'",
|
||||||
"img-src 'self' blob: data:",
|
"img-src 'self' blob: data: https:",
|
||||||
"style-src 'self' https://fonts.googleapis.com"
|
"style-src 'self' 'unsafe-inline' https:"
|
||||||
];
|
];
|
||||||
|
|
||||||
setContentSecurityPolicy(contentSecurityPolicy.join(';'));
|
setContentSecurityPolicy(contentSecurityPolicy.join(';') + ';');
|
||||||
|
|
||||||
const menu = Menu.buildFromTemplate(menuTemplate);
|
const menu = Menu.buildFromTemplate(menuTemplate);
|
||||||
Menu.setApplicationMenu(menu);
|
Menu.setApplicationMenu(menu);
|
||||||
|
Loading…
Reference in New Issue
Block a user