From 9d3448c880c0b2b3fec2f8acf68cf4cc472ee81a Mon Sep 17 00:00:00 2001
From: syuilo <Syuilotan@yahoo.co.jp>
Date: Tue, 24 Aug 2021 13:08:20 +0900
Subject: fix(server): use csp to imporve security

---
 src/server/proxy/index.ts | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/server/proxy/index.ts')

diff --git a/src/server/proxy/index.ts b/src/server/proxy/index.ts
index 9ef198d31b..b8993f19f8 100644
--- a/src/server/proxy/index.ts
+++ b/src/server/proxy/index.ts
@@ -10,6 +10,10 @@ import { proxyMedia } from './proxy-media';
 // Init app
 const app = new Koa();
 app.use(cors());
+app.use(async (ctx, next) => {
+	ctx.set('Content-Security-Policy', `default-src 'none'; style-src 'unsafe-inline'`);
+	await next();
+});
 
 // Init router
 const router = new Router();
-- 
cgit v1.2.3-freya