Add some security headers

Cadence Ember
2020-05-30 23:07:32 +12:00
parent ea81b945ce
commit d3c6598e50
5 changed files with 24 additions and 8 deletions


@@ -4,6 +4,11 @@ const constants = require("../lib/constants")
const passthrough = require("./passthrough")
const deniedFeatures = [
"accelerometer", "ambient-light-sensor", "battery", "camera", "display-capture", "document-domain", "geolocation", "gyroscope",
"magnetometer", "microphone", "midi", "payment", "publickey-credentials-get", "sync-xhr", "usb", "xr-spatial-tracking"
]
const pinski = new Pinski({
port: +process.env.PORT || constants.port,
ip: constants.bind_ip,
@@ -12,6 +17,12 @@ const pinski = new Pinski({
exts: ["ttf", "woff2", "png", "jpg", "jpeg", "svg", "gif", "webmanifest", "ico"],
seconds: 604800
},
globalHeaders: {
"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'; block-all-mixed-content",
"Feature-Policy": deniedFeatures.map(feature => `${feature} 'none'`).join("; "),
"Referrer-Policy": "origin",
"X-Content-Type-Options": "nosniff"
}
})
subdirs("pug", async (err, dirs) => {
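Review bot: The `Content-Security-Policy` value added to `globalHeaders` leaves `base-uri` and `form-action` unrestricted, because neither directive falls back to `default-src`, so an injected `<base>` element or form could still target another origin. Assuming the site's own forms only submit to the same origin, I would extend the value to `"default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; block-all-mixed-content"`. Separately, `"Referrer-Policy": "origin"` still sends the site's origin to every destination, including on HTTPS to HTTP navigations; `"strict-origin"` or `"no-referrer"` would close that leak. The options object passed to `new Pinski({` opens in the previous hunk, and no `Strict-Transport-Security` header is set here, which is fine only if TLS and HSTS are handled by a proxy in front of this server.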