Skip to content

Instantly share code, notes, and snippets.

@EvanHahn

EvanHahn/gist:99edd459a4f08bb6fd6c

Created October 23, 2014 18:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save EvanHahn/99edd459a4f08bb6fd6c to your computer and use it in GitHub Desktop.
Save EvanHahn/99edd459a4f08bb6fd6c to your computer and use it in GitHub Desktop.
Download ZIP
Simple app to set CSP.
Raw
gistfile1.js
var express = require('express');
var path = require('path');
var HEADER_VALUE = "default-src 'self';";
var HEADERS = [
'Content-Security-Policy',
'X-Content-Security-Policy',
'X-Webkit-CSP'
];
var app = express();
app.set('port', process.env.PORT || 8000);
app.use(function(req, res, next) {
HEADERS.forEach(function(header) {
res.setHeader(header, HEADER_VALUE);
});
next();
});
app.use(express.static(path.resolve(__dirname, 'static')));
app.listen(app.get('port'), function() {
console.log('App started on port ' + app.get('port'));
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment