kenmirrors/MagicMirror
1
0
Fork 0
mirror of https://github.com/MichMich/MagicMirror.git synced 2025-08-21 04:45:17 +00:00
Code Issues Projects Releases Wiki Activity

added a new config option httpHeaders used by helmet

Browse Source
This commit is contained in:
Karsten Hassel
2022-05-13 22:25:18 +02:00
parent d730dd04bf
commit 3b55886c45
3 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
js/defaults.js
View File

@@ -25,6 +25,9 @@ const defaults = {
units: "metric",
zoom: 1,
customCss: "css/custom.css",
// httpHeaders used by helmet, see https://helmetjs.github.io/. You can add other/more object values by overriding this in config.js,
// e.g. you need to add `frameguard: false` for embedding MagicMirror in another website, see https://github.com/MichMich/MagicMirror/issues/2847
httpHeaders: { contentSecurityPolicy: false, crossOriginOpenerPolicy: false, crossOriginEmbedderPolicy: false, crossOriginResourcePolicy: false, originAgentCluster: false },
modules: [
{

2
js/server.js
View File

@@ -69,7 +69,7 @@ function Server(config, callback) {
res.status(403).send("This device is not allowed to access your mirror. <br> Please check your config.js or config.js.sample to change this.");
});
});
app.use(helmet({ contentSecurityPolicy: false, crossOriginOpenerPolicy: false, crossOriginEmbedderPolicy: false, crossOriginResourcePolicy: false, originAgentCluster: false }));
app.use(helmet(config.httpHeaders));
app.use("/js", express.static(__dirname));