fix(security): update script-src directive to include 'blob:'

alam00000
2026-04-21 19:24:28 +05:30
parent 7587a5f94a
commit 18cdfac8cd
2 changed files with 3 additions and 2 deletions

3
.gitignore vendored

@@ -49,4 +49,5 @@ libreoffice-wasm-package
bentopdf-*.tgz
# test
dist-test
dist-test
test


@@ -55,7 +55,7 @@ const fontOrigins = uniq([ocrFontOrigin].filter(Boolean));
const directives = [
`default-src 'self'`,
`script-src 'self' 'wasm-unsafe-eval' 'unsafe-eval' ${scriptOrigins.join(' ')}`.trim(),
`script-src 'self' 'wasm-unsafe-eval' 'unsafe-eval' blob: ${scriptOrigins.join(' ')}`.trim(),
`worker-src 'self' blob:`,
`style-src 'self' 'unsafe-inline' https://fonts.googleapis.com`,
`img-src 'self' data: blob: https:`,
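Review bot: The new `script-src` line allows `blob:` with no record of which script load needs it, and the source is broad: any Blob the page builds and loads as a script now passes the policy, alongside the `'unsafe-eval'` already present. `worker-src 'self' blob:` on the following line already covers workers started from a blob URL, so this is presumably for an `importScripts()` or dynamic `import()` of a blob URL; that is an inference, since the consumer is not visible in the hunk. I would add a comment above the entry naming it, for example `// blob: needed by <COMPONENT-PLACEHOLDER>, which loads its script from a blob URL; remove when that loader changes`, and confirm that no code path builds such a Blob from user-supplied file content. The `directives` array opens in this hunk and is closed outside it, so any later directive that narrows script loading is not visible here.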