forked from AkkomaGang/admin-fe
Add Content-Security-Policy header to webpack so the dev server behaves like Pleroma production
This commit is contained in:
parent
6fdbd444be
commit
213e82499a
1 changed files with 3 additions and 0 deletions
|
@ -46,6 +46,9 @@ const devWebpackConfig = merge(baseWebpackConfig, {
|
|||
quiet: true, // necessary for FriendlyErrorsPlugin
|
||||
watchOptions: {
|
||||
poll: config.dev.poll
|
||||
},
|
||||
headers: {
|
||||
'content-security-policy': "base-uri 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; script-src 'self';"
|
||||
}
|
||||
},
|
||||
plugins: [
|
||||
|
|
Loading…
Reference in a new issue