injection security

This commit is contained in:
null 2026-05-27 14:14:24 -05:00
parent 4410f01d48
commit 0cfa048d0d
1 changed files with 1 additions and 1 deletions

View File

@ -65,7 +65,7 @@ const isDev = process.env.NODE_ENV === 'development'
const cspDirectives = {
defaultSrc: ["'self'"],
scriptSrc: ["'self'", 'https://www.google.com/recaptcha/', 'https://www.gstatic.com/recaptcha/'],
styleSrc: ["'self'", 'https://fonts.googleapis.com'],
styleSrc: ["'self'", "'unsafe-inline'", 'https://fonts.googleapis.com'],
fontSrc: ["'self'", 'https://fonts.gstatic.com'],
imgSrc: ["'self'", 'data:'],
connectSrc: isDev ? ["'self'", 'ws://localhost:*'] : ["'self'"],