Allow cdn.jsdelivr.net in CSP for Swagger UI API docs page

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
fuomag9
2026-04-10 14:15:37 +02:00
parent 2dea2af20f
commit 95cb97b48a


@@ -21,10 +21,10 @@ function buildCsp(nonce: string): string {
const directives = [
"default-src 'self'",
isDev
? `script-src 'self' 'nonce-${nonce}' 'unsafe-eval'`
: `script-src 'self' 'nonce-${nonce}'`,
? `script-src 'self' 'nonce-${nonce}' 'unsafe-eval' https://cdn.jsdelivr.net`
: `script-src 'self' 'nonce-${nonce}' https://cdn.jsdelivr.net`,
// style-src still needs 'unsafe-inline' for React JSX inline style props
"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net",
"font-src 'self' https://fonts.gstatic.com",
"img-src 'self' data: blob:",
"worker-src blob:",
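Review bot: The host-wide `https://cdn.jsdelivr.net` entry added to both `script-src` branches applies to every page that receives this policy, not only the API docs page, and jsDelivr serves arbitrary npm and GitHub content, so a markup injection anywhere on the site could load script from that host without needing the nonce. Since the policy already carries `'nonce-${nonce}'`, putting that nonce on the Swagger UI `<script>` tag would make the host entry unnecessary. If the docs page cannot receive the nonce, narrow the source to the package path, e.g. `https://cdn.jsdelivr.net/npm/swagger-ui-dist@<pinned-version>/` (package name assumed, it is not shown in the hunk), or emit the relaxed policy only for the docs route. The same host was added to `style-src`, where the added exposure is smaller because `'unsafe-inline'` is already present. `buildCsp` starts and ends outside the hunk, so the remaining directives were not reviewed.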