set content security policy

2022-01-27 13:26:08 +00:00 · 2022-01-27 13:26:08 +00:00 · fefd5245e6
parent cc84b2b2d9
commit fefd5245e6
1 changed files with 1 additions and 0 deletions
--- a/index.js
+++ b/index.js
@ -25,6 +25,7 @@ app.use(rateLimiter)
 app.get('/', (req, res) => {
 	url = req.query.url;
 	res.header("Access-Control-Allow-Origin", '*');
+ 	res.header("Content-Security-Policy", 'connect-src *');
 	res.header("Access-Control-Expose-Headers", 'X-Title');
 	res.header("Content-Type", 'text/markdown');
 	if (url && validURL(url)) {