Superuser/miniapp-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: CSP img-src放宽为*通配符

Browse Source
This commit is contained in:
Developer
2026-05-17 13:10:44 +08:00
parent c3b309413e
commit b31835a74d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/app.js
+1 -1
View File
@@ -35,7 +35,7 @@ app.use(helmet({
scriptSrc: ["'self'", "'unsafe-inline'"],
scriptSrcAttr: ["'unsafe-inline'"],
styleSrc: ["'self'", "'unsafe-inline'", "https:"],
imgSrc: ["'self'", "data:", "https:", "http:", "blob:"],
imgSrc: ["*", "data:", "blob:"],
connectSrc: ["'self'", "https:", "http:"],
},
},