We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent fd84fa2 commit b08562aCopy full SHA for b08562a
blog/25-12-04/bypass-csp/server/test-server.js
@@ -53,7 +53,13 @@
53
}
54
55
var csp = `default-src 'self';connect-src 'self';script-src 'self' 'unsafe-inline';`;
56
- res.writeHead(200,{'content-type':'text/html','content-security-policy':csp});
+ var headers = {
57
+ 'content-type' : 'text/html',
58
+ 'content-security-policy' : csp,
59
+ 'access-control-allow-origin' : '*',
60
+ 'access-control-expose-headers' : 'content-length, content-encoding, content-disposition etag'
61
+ }
62
+ res.writeHead(200,headers);
63
res.end(html)
64
65
});
0 commit comments