mirror of
https://git.pleroma.social/pleroma/relay.git
synced 2024-12-23 03:31:07 +00:00
don't set csp header on /api routes
This commit is contained in:
parent
5c210dc20f
commit
ea0658e2ea
|
@ -333,7 +333,7 @@ async def handle_response_headers(request: web.Request, handler: Callable) -> Re
|
|||
resp.headers['Server'] = 'ActivityRelay'
|
||||
|
||||
# Still have to figure out how csp headers work
|
||||
if resp.content_type == 'text/html':
|
||||
if resp.content_type == 'text/html' and not request.path.startswith("/api"):
|
||||
resp.headers['Content-Security-Policy'] = get_csp(request)
|
||||
|
||||
if not request.app['dev'] and request.path.endswith(('.css', '.js')):
|
||||
|
|
Loading…
Reference in a new issue