diff options
author | Literallie | 2017-10-18 17:45:57 +0200 |
---|---|---|
committer | Literallie | 2017-10-22 00:03:45 +0200 |
commit | 5d2d3ec875310de07fe79ae605dfbc0f1df585c5 (patch) | |
tree | 3d2c64e575d76a6ad4e6be54f1f5a21009f7d926 /lib | |
parent | ba183ce6543f102ae635502a0da0ac7c923cc97a (diff) |
CSP: Upgrade insecure requests if possible
Config option; default is to only upgrade if usessl
Diffstat (limited to 'lib')
-rw-r--r-- | lib/config/default.js | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/config/default.js b/lib/config/default.js index e207dfc6..217d11d0 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -20,8 +20,9 @@ module.exports = { defaultSrc: ["'self'"], scriptSrc: ["'self'"], styleSrc: ["'self'", "'unsafe-inline'"], - fontSrc: ["'self'"] - } + fontSrc: ["'self'"], + }, + upgradeInsecureRequests: 'auto' }, protocolusessl: false, usecdn: true, |