Skip to content

Commit

Permalink
chore: add csp to allow script executions from only self and installe…
Browse files Browse the repository at this point in the history 
…d extensions
  • Loading branch information
@abose
abose committed Oct 6, 2023
1 parent b7de616 commit 4b34784
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
2 changes: 2 additions & 0 deletions src/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@
<html lang="en">
<head id="main-scripts-head">
<meta charset="utf-8">
<meta http-equiv="Content-Security-Policy"
content="default-src 'self' 'unsafe-inline' 'unsafe-eval' asset: https://asset.localhost https://storage.googleapis.com; img-src *; media-src *; frame-src *; connect-src *; font-src *;">
<meta name= "viewport" content="width=device-width, user-scalable=no" />
<meta name="theme-color" content="#47484B">
<link rel="apple-touch-icon" sizes="180x180" href="styles/images/favicons/apple-touch-icon.png">
Expand Down
3 changes: 2 additions & 1 deletion test/SpecRunner.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@
<html lang="en">
<head>
<title>Jasmine Spec Runner</title>

<meta http-equiv="Content-Security-Policy"
content="default-src 'self' 'unsafe-inline' 'unsafe-eval' asset: https://asset.localhost https://storage.googleapis.com; img-src *; media-src *; frame-src *; connect-src *; font-src *;">
<script type="text/javascript">
//brackets.app.showDeveloperTools();
console.warn('Make sure to run this following command before starting tests : npm run build ');
Expand Down

0 comments on commit 4b34784

Please sign in to comment.