Moltbot/src/gateway/control-ui-csp.ts
2026-02-16 03:50:39 +01:00


/**
 * Builds the Content-Security-Policy header value for the Control UI.
 *
 * The policy forbids framing of the UI, limits scripts to same-origin files
 * (no inline scripts), and leaves styles permissive because the UI templates
 * rely heavily on inline `style` attributes.
 *
 * @returns The directives joined with "; ", ready to be used as the value of a
 *   `Content-Security-Policy` response header.
 */
export function buildControlUiCspHeader(): string {
  const directives: readonly string[] = [
    // Fallback for every fetch directive that is not listed explicitly below.
    "default-src 'self'",
    // No <base> element may be honoured, so relative URLs cannot be re-pointed.
    "base-uri 'none'",
    // Plugin content (<object>/<embed>) is disallowed entirely.
    "object-src 'none'",
    // The UI may not be embedded in any frame (clickjacking defence).
    "frame-ancestors 'none'",
    // Same-origin script files only; without 'unsafe-inline', inline <script>
    // blocks and inline event-handler attributes are blocked.
    "script-src 'self'",
    // 'unsafe-inline' is kept deliberately for inline style attributes, so this
    // policy does not restrict injected inline CSS.
    "style-src 'self' 'unsafe-inline'",
    // NOTE(review): the bare `https:` scheme source permits image loads from any
    // HTTPS host, not only this origin. Confirm that breadth is required.
    "img-src 'self' data: https:",
    "font-src 'self'",
    // NOTE(review): bare `ws:` / `wss:` scheme sources permit WebSocket
    // connections to any host, and `ws:` is unencrypted. Narrow to the gateway
    // endpoint if the set of hosts the UI connects to is known.
    "connect-src 'self' ws: wss:",
    // NOTE(review): no `form-action` directive is set, and it does not fall back
    // to default-src, so form submission targets are unrestricted by this policy.
  ];

  return directives.join("; ");
}