diff options
| author | Rigel Kent <sendmemail@rigelk.eu> | 2018-07-16 09:02:08 +0200 |
|---|---|---|
| committer | Rigel Kent <par@rigelk.eu> | 2018-07-17 12:03:31 +0200 |
| commit | d00e2393d4269c0b4e280753e5f82ac06bd218c6 (patch) | |
| tree | 93b25f059422413e8d81beddec4d256228f6c687 /server.ts | |
| parent | a7dbc7dfc7a84b419a9b55d4a89e9a6e12384ae1 (diff) | |
| download | PeerTube-d00e2393d4269c0b4e280753e5f82ac06bd218c6.tar.gz PeerTube-d00e2393d4269c0b4e280753e5f82ac06bd218c6.tar.zst PeerTube-d00e2393d4269c0b4e280753e5f82ac06bd218c6.zip | |
selective route permission to use embeds with x-frame-deny
Diffstat (limited to 'server.ts')
| -rw-r--r-- | server.ts | 8 |
1 files changed, 8 insertions, 0 deletions
| @@ -15,6 +15,7 @@ import * as express from 'express' | |||
| 15 | import * as morgan from 'morgan' | 15 | import * as morgan from 'morgan' |
| 16 | import * as cors from 'cors' | 16 | import * as cors from 'cors' |
| 17 | import * as cookieParser from 'cookie-parser' | 17 | import * as cookieParser from 'cookie-parser' |
| 18 | import * as helmet from 'helmet' | ||
| 18 | 19 | ||
| 19 | process.title = 'peertube' | 20 | process.title = 'peertube' |
| 20 | 21 | ||
| @@ -48,6 +49,13 @@ if (errorMessage !== null) { | |||
| 48 | // Trust our proxy (IP forwarding...) | 49 | // Trust our proxy (IP forwarding...) |
| 49 | app.set('trust proxy', CONFIG.TRUST_PROXY) | 50 | app.set('trust proxy', CONFIG.TRUST_PROXY) |
| 50 | 51 | ||
| 52 | // Security middlewares | ||
| 53 | app.use(helmet({ | ||
| 54 | frameguard: { | ||
| 55 | action: 'deny' | ||
| 56 | } | ||
| 57 | })) | ||
| 58 | |||
| 51 | // ----------- Database ----------- | 59 | // ----------- Database ----------- |
| 52 | 60 | ||
| 53 | // Initialize database and models | 61 | // Initialize database and models |