diff options
author | Literallie | 2017-10-18 19:37:55 +0200 |
---|---|---|
committer | Literallie | 2017-10-22 00:03:45 +0200 |
commit | 4238b9b3efc3a9c001b5e1cf6c1883ffd0f92800 (patch) | |
tree | 05810009e4780fc058d1f3a625d96cbb8985669b /app.js | |
parent | 080436aebb4c4681f85cc8bf5d8563832ff8dbdd (diff) |
Fix MathJax CSP issues
Diffstat (limited to 'app.js')
-rw-r--r-- | app.js | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -118,22 +118,22 @@ app.use((req, res, next) => { // https://helmetjs.github.io/docs/csp/ if (config.csp.enable) { var cdnDirectives = { - scriptSrc: ["https://cdnjs.cloudflare.com"], - styleSrc: ["https://cdnjs.cloudflare.com", "https://fonts.googleapis.com"], - fontSrc: ["https://cdnjs.cloudflare.com", "https://fonts.gstatic.com"] + scriptSrc: ['https://cdnjs.cloudflare.com', 'https://cdn.mathjax.org'], + styleSrc: ['https://cdnjs.cloudflare.com', 'https://fonts.googleapis.com'], + fontSrc: ['https://cdnjs.cloudflare.com', 'https://fonts.gstatic.com'] } var directives = {} for (var propertyName in config.csp.directives) { - if(config.csp.directives.hasOwnProperty(propertyName)) { + if (config.csp.directives.hasOwnProperty(propertyName)) { var directive = config.csp.directives[propertyName] if (config.usecdn && !!cdnDirectives[propertyName]) { directive = directive.concat(cdnDirectives[propertyName]) } - directives[propertyName] = directive; + directives[propertyName] = directive } } directives.scriptSrc.push(function (req, res) { return "'nonce-" + res.locals.nonce + "'" }) - if(config.csp.upgradeInsecureRequests === 'auto') { + if (config.csp.upgradeInsecureRequests === 'auto') { directives.upgradeInsecureRequests = config.usessl === 'true' } else { directives.upgradeInsecureRequests = config.csp.upgradeInsecureRequests === 'true' @@ -142,7 +142,7 @@ if (config.csp.enable) { directives: directives })) } else { - logger.info('Content-Security-Policy is disabled. This may be a security risk.'); + logger.info('Content-Security-Policy is disabled. This may be a security risk.') } i18n.configure({ |