mirror of
https://github.com/directus/directus.git
synced 2026-04-03 03:00:39 -04:00
@@ -100,6 +100,11 @@ export default async function createApp(): Promise<express.Application> {
|
||||
directives: {
|
||||
// Unsafe-eval is required for vue3 / vue-i18n / app extensions
|
||||
scriptSrc: ["'self'", "'unsafe-eval'"],
|
||||
|
||||
// Even though this is recommended to have enabled, it breaks most local
|
||||
// installations. Making this opt-in rather than opt-out is a little more
|
||||
// friendly. Ref #10806
|
||||
upgradeInsecureRequests: null,
|
||||
},
|
||||
},
|
||||
getConfigFromEnv('CONTENT_SECURITY_POLICY_')
|
||||
|
||||
Reference in New Issue
Block a user