Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 08:36:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

dep: closes #11577

Browse Source 
Breaking: Cross-Origin-Embedder-Policy middleware is now disabled by default. See #​411
This commit is contained in:
Barış Soner Uşaklı
2023-05-10 17:42:56 -04:00
parent 90e53177fc
commit ad1ae29105
2 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
install/package.json
View File

@@ -67,7 +67,7 @@
"file-loader": "6.2.0", "file-loader": "6.2.0",
"fs-extra": "11.1.1", "fs-extra": "11.1.1",
"graceful-fs": "4.2.11", "graceful-fs": "4.2.11",
"helmet": "6.2.0", "helmet": "7.0.0",
"html-to-text": "9.0.5", "html-to-text": "9.0.5",
"ipaddr.js": "2.0.1", "ipaddr.js": "2.0.1",
"jquery": "3.6.4", "jquery": "3.6.4",

4
src/webserver.js
View File

@@ -192,11 +192,9 @@ function setupHelmet(app) {
crossOriginOpenerPolicy: { policy: meta.config['cross-origin-opener-policy'] }, crossOriginOpenerPolicy: { policy: meta.config['cross-origin-opener-policy'] },
crossOriginResourcePolicy: { policy: meta.config['cross-origin-resource-policy'] }, crossOriginResourcePolicy: { policy: meta.config['cross-origin-resource-policy'] },
referrerPolicy: { policy: 'strict-origin-when-cross-origin' }, referrerPolicy: { policy: 'strict-origin-when-cross-origin' },
crossOriginEmbedderPolicy: !!meta.config['cross-origin-embedder-policy'],
}; };
if (!meta.config['cross-origin-embedder-policy']) {
options.crossOriginEmbedderPolicy = false;
}
if (meta.config['hsts-enabled']) { if (meta.config['hsts-enabled']) {
options.hsts = { options.hsts = {
maxAge: meta.config['hsts-maxage'], maxAge: meta.config['hsts-maxage'],