Testing feature-police

2025-10-29 18:00:23 +00:00 · 2019-03-21 20:11:42 +01:00
parent dfc49156f5
commit c8614bef52
3 changed files with 99 additions and 79 deletions
--- a/server/apps/admin.js
+++ b/server/apps/admin.js
@@ -48,15 +48,21 @@ var bodyParser = require('body-parser');
 var cookieParser = require("cookie-parser");
 var referrerPolicy = require('referrer-policy');
 var helmet = require('helmet');
+var featurePolicy = require('feature-policy');
+app.use(featurePolicy({
+    features: {
+        fullscreen: ["'*'"],
+        vibrate: ["'none'"],
+        payment: ["'none'"],
+        microphone: ["'none'"],
+        camera: ["'none'"],
+        speaker: ["*"],
+        syncXhr: ["'self'"],
+        notifications: ["'self'"]
+    }
+}));
 app.use(helmet({
  frameguard: false,
-  features: {
-    fullscreen: ["'self'"],
-    vibrate: ["'none'"],
-    payment: ['none'],
-    syncXhr: ["'*'"],
-	notifications: ["'self'"]
-  }
 }));
 app.use(referrerPolicy({ policy: 'origin-when-cross-origin' }));
 app.enable('view cache');