Skip to content
This repository has been archived by the owner on Jan 24, 2019. It is now read-only.

Commit

Permalink
Fix bug 950885 - Only send standard CSP header
Browse files Browse the repository at this point in the history
  • Loading branch information
@jbuck
jbuck committed Dec 16, 2013
1 parent e071d29 commit 4712d88
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ server.use(helmet.iexss());
server.use(helmet.contentTypeOptions());

server.use(hood.csp({
headers: [
"Content-Security-Policy"
],
policy: {
'default-src': ["'self'"],
'frame-src': ["https://login.persona.org"],
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
"express": "3.2.0",
"habitat": "0.4.2",
"helmet": "0.1.2",
"hood": "0.1.2",
"hood": "0.2.1",
"knox": "0.8.6",
"makeapi-client": "https://github.com/mozilla/makeapi-client/tarball/v0.5.12",
"messina": "0.1.1",
Expand Down

0 comments on commit 4712d88

Please sign in to comment.