sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2026-01-05 05:40:06 +00:00
Code Issues Projects Releases Wiki Activity

fix: helmet config on http mode

Browse Source
This commit is contained in:
Mihajlo Medjedovic
2022-05-10 10:04:01 +00:00
parent 2467616296
commit b0fdaaaa79
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -11,3 +11,4 @@ sasjscore/
certificates/ certificates/
executables/ executables/
.env .env
api/csp.config.json

3
api/src/app.ts
View File

@@ -35,9 +35,10 @@ export const cookieOptions = {
maxAge: 24 * 60 * 60 * 1000 // 24 hours maxAge: 24 * 60 * 60 * 1000 // 24 hours
} }
const cspConfigJson = getEnvCSPDirectives(HELMET_CSP_CONFIG_PATH) const cspConfigJson: any = getEnvCSPDirectives(HELMET_CSP_CONFIG_PATH)
const coepFlag = const coepFlag =
HELMET_COEP === 'true' || HELMET_COEP === undefined ? true : false HELMET_COEP === 'true' || HELMET_COEP === undefined ? true : false
if (PROTOCOL === 'http') cspConfigJson['upgrade-insecure-requests'] = null
/*********************************** /***********************************
* CSRF Protection * * CSRF Protection *