wanwu/sub2api
1
0
Fork 0
mirror of https://gitee.com/wanwujie/sub2api synced 2026-04-09 17:44:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(csp): auto-inject purchase_subscription_url origin into frame-src

Browse Source
This commit is contained in:
erio
2026-03-02 00:19:25 +08:00
parent c3ac68af2a
commit 8a82a2a648
5 changed files with 72 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/cmd/server/VERSION
View File

@@ -1 +1 @@
0.1.87.16
0.1.87.17

2
backend/cmd/server/main.go
View File

@@ -100,7 +100,7 @@ func runSetupServer() {
r := gin.New()
r.Use(middleware.Recovery())
r.Use(middleware.CORS(config.CORSConfig{}))
r.Use(middleware.SecurityHeaders(config.CSPConfig{Enabled: true, Policy: config.DefaultCSPPolicy}))
r.Use(middleware.SecurityHeaders(config.CSPConfig{Enabled: true, Policy: config.DefaultCSPPolicy}, nil))
// Register setup routes
setup.RegisterRoutes(r)