Upload server.js
Browse files
server.js
CHANGED
|
@@ -8,7 +8,17 @@ const app = express();
|
|
| 8 |
const PORT = process.env.PORT || 7860;
|
| 9 |
|
| 10 |
// 安全中间件
|
| 11 |
-
app.use(helmet(
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 12 |
app.use(cors());
|
| 13 |
app.use(express.json());
|
| 14 |
|
|
|
|
| 8 |
const PORT = process.env.PORT || 7860;
|
| 9 |
|
| 10 |
// 安全中间件
|
| 11 |
+
app.use(helmet({
|
| 12 |
+
contentSecurityPolicy: {
|
| 13 |
+
directives: {
|
| 14 |
+
defaultSrc: ["'self'"],
|
| 15 |
+
scriptSrc: ["'self'", "'unsafe-inline'"],
|
| 16 |
+
styleSrc: ["'self'", "'unsafe-inline'"],
|
| 17 |
+
imgSrc: ["'self'", "data:", "blob:"],
|
| 18 |
+
connectSrc: ["'self'"]
|
| 19 |
+
}
|
| 20 |
+
}
|
| 21 |
+
}));
|
| 22 |
app.use(cors());
|
| 23 |
app.use(express.json());
|
| 24 |
|