content security policy

monoid 2021-01-11 03:14:29 +09:00
parent 8b47c4b178
commit 8cde19ba25
2 changed files with 15 additions and 3 deletions

16
app.ts

@ -1,12 +1,14 @@
import { app, BrowserWindow, session } from "electron";
import { get_setting } from "./src/setting";
import { create_server, start_server } from "./src/server";
import { getAdminCookieValue, loginTokenName } from "./src/login";
import { getAdminAccessTokenValue,getAdminRefreshTokenValue, accessTokenName, refreshTokenName } from "./src/login";
const get_loading_html = (content?:string)=> `<!DOCTYPE html>
<html lang="ko"><head>
<meta charset="UTF-8">
<title>react-sample</title>
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
fonts.googleapis.com; font-src 'self' fonts.gstatic.com">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<style>
@ -49,8 +51,16 @@ if (!setting.cli) {
await window.loadURL(`data:text/html;base64,`+Buffer.from(get_loading_html()).toString('base64'));
await session.defaultSession.cookies.set({
url:`http://localhost:${setting.port}`,
name:loginTokenName,
value:getAdminCookieValue(),
name:accessTokenName,
value:getAdminAccessTokenValue(),
httpOnly: true,
secure: false,
sameSite:"strict"
});
await session.defaultSession.cookies.set({
url:`http://localhost:${setting.port}`,
name:refreshTokenName,
value:getAdminRefreshTokenValue(),
httpOnly: true,
secure: false,
sameSite:"strict"
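Review bot: The second hunk stores the admin access token and the refresh token in `session.defaultSession` for `http://localhost:${setting.port}`, but cookies are scoped by host and not by port, so any other `http://localhost` service that a window in this session requests would be sent both tokens. `secure: false` follows from the plain-HTTP origin, which leaves `httpOnly` and `sameSite` as the only restrictions. I would narrow the refresh cookie to the route that consumes it, e.g. `path: "<refresh endpoint path>",` (placeholder, the route is not visible here), and add a comment above both calls such as `// admin tokens: localhost cookies are shared across ports; use this session only for the bundled server`. The two `cookies.set` calls differ only in name and value, and the closing `});` of the second call lies outside the hunk.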


@ -3,6 +3,8 @@
<head>
<meta charset="UTF-8">
<title>react-sample</title>
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com;
font-src 'self' fonts.gstatic.com">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="/dist/css/style.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap" />
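Review bot: The added policy leaves out `base-uri` and `form-action`, which do not fall back to `default-src`, so an injected `<base>` element or a form target is not restricted by it; appending `base-uri 'self'; form-action 'self'` to the `content` value would cover both. The host sources are scheme-less although the stylesheet two lines below is fetched over HTTPS, so `https://fonts.googleapis.com` and `https://fonts.gstatic.com` would be tighter. The same policy string is repeated in `get_loading_html` in app.ts and should get the same change. A `<meta>` policy also ignores `frame-ancestors`, `report-uri` and `sandbox`, so if this page is served by the app's own server, sending the policy as a response header may be preferable.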