mirror of
https://git.pleroma.social/pleroma/relay.git
synced 2024-11-09 18:08:00 +00:00
don't set csp header on /api routes
This commit is contained in:
parent
5c210dc20f
commit
ea0658e2ea
|
@ -333,7 +333,7 @@ async def handle_response_headers(request: web.Request, handler: Callable) -> Re
|
||||||
resp.headers['Server'] = 'ActivityRelay'
|
resp.headers['Server'] = 'ActivityRelay'
|
||||||
|
|
||||||
# Still have to figure out how csp headers work
|
# Still have to figure out how csp headers work
|
||||||
if resp.content_type == 'text/html':
|
if resp.content_type == 'text/html' and not request.path.startswith("/api"):
|
||||||
resp.headers['Content-Security-Policy'] = get_csp(request)
|
resp.headers['Content-Security-Policy'] = get_csp(request)
|
||||||
|
|
||||||
if not request.app['dev'] and request.path.endswith(('.css', '.js')):
|
if not request.app['dev'] and request.path.endswith(('.css', '.js')):
|
||||||
|
|
Loading…
Reference in a new issue