Skip to content

Instantly share code, notes, and snippets.

@rishi-raj-jain

rishi-raj-jain/routes.js

Created June 24, 2021 11:50
Show Gist options
  • Save rishi-raj-jain/425a5ad833762094e877c25efbd79ac9 to your computer and use it in GitHub Desktop.
Save rishi-raj-jain/425a5ad833762094e877c25efbd79ac9 to your computer and use it in GitHub Desktop.
Download ZIP
(CSP) Content Security Policy Headers
Raw
routes.js
const { Router } = require('@layer0/core/router')
const ContentSecurityPolicy = `
default-src 'self';
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.layer0.co;
style-src 'self' 'unsafe-inline' *.googleapis.com;
img-src * blob: data:;
media-src 'none';
connect-src *;
font-src 'self' *.gstatic.com;
`;
new Router()
.get("/:route", ({ setResponseHeader }) => {
setResponseHeader("Content-Security-Policy", ContentSecurityPolicy.replace(/\n/g, ""));
}
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment