sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-11 03:34:35 +00:00
Code Issues Projects Releases Wiki Activity

fix: helmet config on http mode

Browse Source
This commit is contained in:
Mihajlo Medjedovic
2022-05-10 10:04:01 +00:00
parent 2467616296
commit b0fdaaaa79
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
api/src/app.ts
View File

@@ -35,9 +35,10 @@ export const cookieOptions = {
maxAge: 24 * 60 * 60 * 1000 // 24 hours
}
const cspConfigJson = getEnvCSPDirectives(HELMET_CSP_CONFIG_PATH)
const cspConfigJson: any = getEnvCSPDirectives(HELMET_CSP_CONFIG_PATH)
const coepFlag =
HELMET_COEP === 'true' || HELMET_COEP === undefined ? true : false
if (PROTOCOL === 'http') cspConfigJson['upgrade-insecure-requests'] = null
/***********************************
* CSRF Protection *