Simple app to set CSP.
var express = require('express'); | |
var path = require('path'); | |
var HEADER_VALUE = "default-src 'self';"; | |
var HEADERS = [ | |
'Content-Security-Policy', | |
'X-Content-Security-Policy', | |
'X-Webkit-CSP' | |
]; | |
var app = express(); | |
app.set('port', process.env.PORT || 8000); | |
app.use(function(req, res, next) { | |
HEADERS.forEach(function(header) { | |
res.setHeader(header, HEADER_VALUE); | |
}); | |
next(); | |
}); | |
app.use(express.static(path.resolve(__dirname, 'static'))); | |
app.listen(app.get('port'), function() { | |
console.log('App started on port ' + app.get('port')); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment