KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-12-08 20:48:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Testing feature-police

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2019-03-21 20:11:42 +01:00
parent dfc49156f5
commit c8614bef52
3 changed files with 99 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@@ -40,6 +40,7 @@
"express-handlebars": "^3.0.2", "express-handlebars": "^3.0.2",
"express-recaptcha": "^3.0.1", "express-recaptcha": "^3.0.1",
"express-session": "^1.15.6", "express-session": "^1.15.6",
"feature-policy": "^0.2.0",
"gulp-sourcemaps": "^2.6.5", "gulp-sourcemaps": "^2.6.5",
"gulp-uglify-es": "^1.0.4", "gulp-uglify-es": "^1.0.4",
"helmet": "^3.16.0", "helmet": "^3.16.0",

16
server/apps/admin.js
View File

@@ -48,16 +48,22 @@ var bodyParser = require('body-parser');
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var referrerPolicy = require('referrer-policy'); var referrerPolicy = require('referrer-policy');
var helmet = require('helmet'); var helmet = require('helmet');
app.use(helmet({ var featurePolicy = require('feature-policy');
frameguard: false, app.use(featurePolicy({
features: { features: {
fullscreen: ["'self'"], fullscreen: ["'*'"],
vibrate: ["'none'"], vibrate: ["'none'"],
payment: ['none'], payment: ["'none'"],
syncXhr: ["'*'"], microphone: ["'none'"],
camera: ["'none'"],
speaker: ["*"],
syncXhr: ["'self'"],
notifications: ["'self'"] notifications: ["'self'"]
} }
})); }));
app.use(helmet({
frameguard: false,
}));
app.use(referrerPolicy({ policy: 'origin-when-cross-origin' })); app.use(referrerPolicy({ policy: 'origin-when-cross-origin' }));
app.enable('view cache'); app.enable('view cache');
app.set('views', publicPath); app.set('views', publicPath);

15
server/apps/client.js
View File

@@ -65,8 +65,21 @@ var bodyParser = require('body-parser');
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var referrerPolicy = require('referrer-policy'); var referrerPolicy = require('referrer-policy');
var helmet = require('helmet'); var helmet = require('helmet');
var featurePolicy = require('feature-policy');
app.use(featurePolicy({
features: {
fullscreen: ["'*'"],
vibrate: ["'none'"],
payment: ["'none'"],
microphone: ["'none'"],
camera: ["'none'"],
speaker: ["*"],
syncXhr: ["'self'"],
notifications: ["'self'"]
}
}));
app.use(helmet({ app.use(helmet({
frameguard: false frameguard: false,
})); }));
app.use(referrerPolicy({ policy: 'origin-when-cross-origin' })); app.use(referrerPolicy({ policy: 'origin-when-cross-origin' }));
app.use( bodyParser.json() ); // to support JSON-encoded bodies app.use( bodyParser.json() ); // to support JSON-encoded bodies