Skip to content

Commit 11b1cb4

Browse files
author
Fuss Florian (uid10804)
committed
fix(server): repair non working graphiql page by modifying blocking csp rules
1 parent 40e247f commit 11b1cb4

File tree

1 file changed

+11
-1
lines changed

1 file changed

+11
-1
lines changed

packages/server/src/app/core.app.ts

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,17 @@ export class CoreApp {
7474
}
7575

7676
private setupMiddleware() {
77-
this.server.use(helmet());
77+
this.server.use(
78+
helmet({
79+
contentSecurityPolicy: {
80+
directives: {
81+
defaultSrc: ["'self'", "'unsafe-inline'", 'data'],
82+
scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
83+
imgSrc: ["'self'", 'data:'],
84+
},
85+
},
86+
})
87+
);
7888
this.server.use(cors());
7989
this.server.use(express.json());
8090
this.server.use(express.urlencoded({ extended: true }));

0 commit comments

Comments
 (0)