fix:csp issue
This commit is contained in:
@@ -46,14 +46,15 @@ export const handle: Handle = async ({ event, resolve }) => {
|
|||||||
response.headers.set(
|
response.headers.set(
|
||||||
'Content-Security-Policy',
|
'Content-Security-Policy',
|
||||||
"default-src 'self'; " +
|
"default-src 'self'; " +
|
||||||
"script-src 'self' 'unsafe-inline' 'unsafe-eval'; " +
|
"script-src 'self' 'unsafe-inline' 'unsafe-eval'; " +
|
||||||
"style-src 'self' 'unsafe-inline' fonts.googleapis.com; " +
|
"worker-src 'self' blob:; " +
|
||||||
"font-src 'self' fonts.gstatic.com; " +
|
"style-src 'self' 'unsafe-inline' fonts.googleapis.com; " +
|
||||||
"img-src 'self' data: blob: *.openstreetmap.org *.tile.openstreetmap.org; " +
|
"font-src 'self' fonts.gstatic.com; " +
|
||||||
"connect-src 'self' *.openstreetmap.org; " +
|
"img-src 'self' data: blob: *.openstreetmap.org *.tile.openstreetmap.org; " +
|
||||||
"frame-ancestors 'none'; " +
|
"connect-src 'self' *.openstreetmap.org; " +
|
||||||
"base-uri 'self'; " +
|
"frame-ancestors 'none'; " +
|
||||||
"form-action 'self';"
|
"base-uri 'self'; " +
|
||||||
|
"form-action 'self';"
|
||||||
);
|
);
|
||||||
|
|
||||||
response.headers.set('X-Frame-Options', 'DENY');
|
response.headers.set('X-Frame-Options', 'DENY');
|
||||||
|
|||||||
@@ -26,11 +26,7 @@ const ASSETS = [
|
|||||||
];
|
];
|
||||||
|
|
||||||
// Assets to precache for better performance
|
// Assets to precache for better performance
|
||||||
const CRITICAL_ASSETS = [
|
const CRITICAL_ASSETS = ['/cafe-bg-compressed.jpg', '/fonts/Washington.ttf', '/logo.svg'];
|
||||||
'/cafe-bg-compressed.jpg',
|
|
||||||
'/fonts/Washington.ttf',
|
|
||||||
'/logo.svg'
|
|
||||||
];
|
|
||||||
|
|
||||||
self.addEventListener('install', (event) => {
|
self.addEventListener('install', (event) => {
|
||||||
// Create a new cache and add all files to it
|
// Create a new cache and add all files to it
|
||||||
@@ -47,7 +43,12 @@ self.addEventListener('install', (event) => {
|
|||||||
try {
|
try {
|
||||||
const response = await fetch(asset);
|
const response = await fetch(asset);
|
||||||
if (response.ok) {
|
if (response.ok) {
|
||||||
if (asset.includes('jpg') || asset.includes('jpeg') || asset.includes('png') || asset.includes('webp')) {
|
if (
|
||||||
|
asset.includes('jpg') ||
|
||||||
|
asset.includes('jpeg') ||
|
||||||
|
asset.includes('png') ||
|
||||||
|
asset.includes('webp')
|
||||||
|
) {
|
||||||
await imageCache.put(asset, response);
|
await imageCache.put(asset, response);
|
||||||
} else {
|
} else {
|
||||||
await cache.put(asset, response);
|
await cache.put(asset, response);
|
||||||
@@ -163,9 +164,9 @@ self.addEventListener('fetch', (event) => {
|
|||||||
} catch (err) {
|
} catch (err) {
|
||||||
// Try all caches for fallback
|
// Try all caches for fallback
|
||||||
const cachedResponse =
|
const cachedResponse =
|
||||||
await cache.match(event.request) ||
|
(await cache.match(event.request)) ||
|
||||||
await runtimeCache.match(event.request) ||
|
(await runtimeCache.match(event.request)) ||
|
||||||
await imageCache.match(event.request);
|
(await imageCache.match(event.request));
|
||||||
|
|
||||||
if (cachedResponse) {
|
if (cachedResponse) {
|
||||||
return cachedResponse;
|
return cachedResponse;
|
||||||
|
|||||||
Reference in New Issue
Block a user