You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by kx...@apache.org on 2014/06/17 23:26:00 UTC
[4/4] fauxton commit: updated refs/heads/import-master to 9bc7c98
Fauxton: Content Security Policy optional for dev
This just makes the content security policy optional for
development.
Project: http://git-wip-us.apache.org/repos/asf/couchdb-fauxton/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-fauxton/commit/9bc7c98e
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-fauxton/tree/9bc7c98e
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-fauxton/diff/9bc7c98e
Branch: refs/heads/import-master
Commit: 9bc7c98e2a6d4d942a9e7a1d4c52653c9f7a6a4a
Parents: 9fe95cb
Author: Garren Smith <ga...@gmail.com>
Authored: Tue Jun 10 15:19:32 2014 +0200
Committer: Garren Smith <ga...@gmail.com>
Committed: Wed Jun 11 11:21:34 2014 +0200
----------------------------------------------------------------------
tasks/couchserver.js | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-fauxton/blob/9bc7c98e/tasks/couchserver.js
----------------------------------------------------------------------
diff --git a/tasks/couchserver.js b/tasks/couchserver.js
index 3a17ab6..8e95c5c 100644
--- a/tasks/couchserver.js
+++ b/tasks/couchserver.js
@@ -25,7 +25,8 @@ module.exports = function (grunt) {
// Options
var dist_dir = options.dist || './dist/debug/',
app_dir = './app',
- port = options.port || 8000;
+ port = options.port || 8000,
+ setContentSecurityPolicy = _.isUndefined(options.contentSecurityPolicy) ? true : options.contentSecurityPolicy;
// Proxy options with default localhost
var proxy_settings = options.proxy || {
@@ -47,9 +48,11 @@ module.exports = function (grunt) {
accept = req.headers.accept.split(','),
filePath;
- var headerValue = "default-src 'self'; img-src 'self'; font-src 'self'; " +
- "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';";
- res.setHeader('Content-Security-Policy', headerValue);
+ if (setContentSecurityPolicy) {
+ var headerValue = "default-src 'self'; img-src 'self'; font-src 'self'; " +
+ "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';";
+ res.setHeader('Content-Security-Policy', headerValue);
+ }
if (!!url.match(/^\/addons\/.*\/assets\/js/)) {
filePath = path.join(app_dir, url.replace('/_utils/fauxton/',''));