1 files changed, 3 insertions, 0 deletions
diff --git a/server.ts b/server.ts
index 4a2a6ddf5..6dff16f46 100644
--- a/server.ts
+++ b/server.ts
@@ -53,6 +53,9 @@ if (errorMessage !== null) {
 app.set('trust proxy', CONFIG.TRUST_PROXY)
 // Security middleware
+import { baseCSP } from './server/middlewares'
+app.use(baseCSP)
 app.use(helmet({
  frameguard: {
    action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts

diff --git a/server.ts b/server.ts index 4a2a6ddf5..6dff16f46 100644 --- a/server.ts +++ b/server.ts
@@ -53,6 +53,9 @@ if (errorMessage !== null) {
53	app.set('trust proxy', CONFIG.TRUST_PROXY)	53	app.set('trust proxy', CONFIG.TRUST_PROXY)
54		54
55	// Security middleware	55	// Security middleware
		56	import { baseCSP } from './server/middlewares'
		57
		58	app.use(baseCSP)
56	app.use(helmet({	59	app.use(helmet({
57	frameguard: {	60	frameguard: {
58	action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts	61	action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts