regalijan/car-crushers-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CSP to potentially fix turnstile on safari

Browse Source
This commit is contained in:
regalijan 2023-10-19 16:49:27 -04:00
parent a078832d4b
commit fb4be4cc44
Signed by: regalijan
GPG Key ID: 5D4196DA269EF520
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
functions/_middleware.ts
View File

@ -100,6 +100,25 @@ async function setHeaders(context: RequestContext) {
response.headers.set("X-Frame-Options", "DENY"); response.headers.set("X-Frame-Options", "DENY");
response.headers.set("X-XSS-Protection", "1; mode=block"); response.headers.set("X-XSS-Protection", "1; mode=block");
const policies = {
"connect-src": ["https://*.ingest.sentry.io", "'self'"],
"default-src": ["'self'"],
"frame-src": ["https://challenges.cloudflare.com"],
"img-src": [
"https://cdn.discordapp.com/avatars/*",
"https://tr.rbxcdn.com",
"'self'",
],
"media-src": ["https://mediaproxy.carcrushers.cc"],
"script-src": ["https://challenges.cloudflare.com", "'self'"],
};
const directives = [];
for (const [k, v] of Object.entries(policies)) directives.push(`${k} ${v}`);
response.headers.set("Content-Security-Policy", directives.join("; "));
return response; return response;
} }