Simple app to set CSP.
| var express = require('express'); | |
| var path = require('path'); | |
| var HEADER_VALUE = "default-src 'self';"; | |
| var HEADERS = [ | |
| 'Content-Security-Policy', | |
| 'X-Content-Security-Policy', | |
| 'X-Webkit-CSP' | |
| ]; | |
| var app = express(); | |
| app.set('port', process.env.PORT || 8000); | |
| app.use(function(req, res, next) { | |
| HEADERS.forEach(function(header) { | |
| res.setHeader(header, HEADER_VALUE); | |
| }); | |
| next(); | |
| }); | |
| app.use(express.static(path.resolve(__dirname, 'static'))); | |
| app.listen(app.get('port'), function() { | |
| console.log('App started on port ' + app.get('port')); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment