From e467b22ae0523a3ab5c042a7704d02bcdd578740 Mon Sep 17 00:00:00 2001 From: Dessalines <dessalines@users.noreply.github.com> Date: Mon, 30 May 2022 18:30:42 -0400 Subject: [PATCH] Commenting out csp headers, since it broke iOS devices. Fixes #669 (#675) --- src/server/index.tsx | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/src/server/index.tsx b/src/server/index.tsx index 65f7308..b276186 100644 --- a/src/server/index.tsx +++ b/src/server/index.tsx @@ -11,7 +11,7 @@ import process from "process"; import serialize from "serialize-javascript"; import { App } from "../shared/components/app/app"; import { SYMBOLS } from "../shared/components/common/symbols"; -import { httpBaseInternal, wsUriBase } from "../shared/env"; +import { httpBaseInternal } from "../shared/env"; import { ILemmyConfig, InitialFetchRequest, @@ -27,15 +27,16 @@ const [hostname, port] = process.env["LEMMY_UI_HOST"] const extraThemesFolder = process.env["LEMMY_UI_EXTRA_THEMES_FOLDER"] || "./extra_themes"; -if (!process.env["LEMMY_UI_DEBUG"]) { - server.use(function (_req, res, next) { - res.setHeader( - "Content-Security-Policy", - `default-src 'none'; connect-src 'self' ${wsUriBase}; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'` - ); - next(); - }); -} +// Commenting out for now, since this broke iOS / webkit browsers. +// if (!process.env["LEMMY_UI_DEBUG"]) { +// server.use(function (_req, res, next) { +// res.setHeader( +// "Content-Security-Policy", +// `default-src 'none'; connect-src 'self' ${wsUriBase}; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'` +// ); +// next(); +// }); +// } const customHtmlHeader = process.env["LEMMY_UI_CUSTOM_HTML_HEADER"] || ""; server.use(express.json()); -- 2.44.1