fix: set csp header only for resource (#836)

2025-06-05 22:09:59 +02:00 · 2022-12-23 20:02:42 +08:00
parent 119603da5d
commit 99d9cc9168
2 changed files with 1 additions and 4 deletions
--- a/server/server.go
+++ b/server/server.go
@ -44,10 +44,6 @@ func NewServer(profile *profile.Profile) *Server {
 		Timeout:      30 * time.Second,
 	}))

-	e.Use(middleware.SecureWithConfig(middleware.SecureConfig{
-		ContentSecurityPolicy: "default-src 'self'",
-	}))
-
 	embedFrontend(e)

 	// In dev mode, set the const secret key to make signin session persistence.