
@colinmacdonald
Created June 16, 2014 18:44
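var express = require('express');

var app = express();

// NOTE(review): methodOverride lets a request substitute its HTTP verb. The
// only route below is GET /, so confirm this middleware is actually needed.
app.use(express.methodOverride());

// Naive nonce using just timestamp.
// NOTE(review): this value is never referenced below. As written it is also
// unsuitable as a CSP nonce: a timestamp is guessable and it is computed once
// at startup, whereas a nonce has to be unpredictable and regenerated for
// every response (e.g. from crypto.randomBytes) before it is placed in a
// 'nonce-<value>' source.
var nonce = new Date().valueOf();

// Origins and keywords allowed to supply script to the page.
// - Both CDNs are listed with https:// only, so script cannot be fetched over
//   plaintext HTTP where it could be modified in transit.
// - 'unsafe-eval' is not listed (an earlier variant of this policy had it), so
//   eval() and new Function() are blocked in page script.
// - NOTE(review): 'unsafe-inline' still permits inline <script> blocks and
//   event-handler attributes, which removes most of script-src's protection
//   against injected markup. The page served below has no inline script;
//   confirm whether the loaded libraries need it before dropping it.
var SCRIPT_SOURCES = [
  "'self'",
  "'unsafe-inline'",
  'https://cdn.goinstant.net',
  'https://ajax.googleapis.com'
];

/**
 * Middleware that attaches the Content-Security-Policy header to every
 * response before handing control to the next handler.
 *
 * Only script-src is set; no default-src or other directive is emitted, so
 * every other resource type is left unrestricted by this policy.
 *
 * @param {Object} req - Incoming request (unused).
 * @param {Object} res - Response that receives the header.
 * @param {Function} next - Continues the middleware chain.
 */
var contentSecurityPolicy = function(req, res, next) {
  res.header('Content-Security-Policy', 'script-src ' + SCRIPT_SOURCES.join(' '));
  next();
};

app.use(contentSecurityPolicy);

/**
 * GET / - serves a minimal HTML page that loads jQuery and the GoInstant
 * platform script from their CDNs.
 */
app.get('/', function(req, res) {
  // Both scripts use explicit https:// URLs. A protocol-relative URL would
  // resolve to http:// when this page is served over plain HTTP.
  // NOTE(review): neither tag carries a Subresource Integrity attribute, so
  // both CDN hosts are fully trusted for script execution on this page.
  var body = '<!doctype html><body>' +
    '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js"></script>\n\n' +
    '<script src="https://cdn.goinstant.net/v1/platform.min.js"></script>';

  res.setHeader('Content-Type', 'text/html');
  // Content-Length is a byte count; String#length counts UTF-16 code units and
  // would under-report as soon as the body contains a non-ASCII character.
  res.setHeader('Content-Length', Buffer.byteLength(body));
  res.end(body);
});

// No host argument is given, so the server accepts connections on all
// interfaces; pass '127.0.0.1' as a second argument to keep this demo local.
app.listen(3000);
console.log('Listening on port 3000');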