paulmataruso/zulip-desktop
1
0
Fork 0
mirror of https://github.com/zulip/zulip-desktop.git synced 2025-10-23 03:31:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Set a restrictive Content-Security-Policy for the app UI.

Browse Source 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg
2024-01-25 14:32:35 -08:00
parent f98d6d7037
commit 9d08a13e64
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/renderer/main.html
View File

@@ -2,6 +2,10 @@
<html lang="en" class="responsive desktop">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta
http-equiv="Content-Security-Policy"
content="default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'"
/>
<meta name="viewport" content="width=device-width" />
<title>Zulip</title>
<link rel="stylesheet" href="css/fonts.css" />

4
app/renderer/network.html
View File

@@ -2,6 +2,10 @@
<html lang="en" class="responsive desktop">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta
http-equiv="Content-Security-Policy"
content="default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'"
/>
<meta name="viewport" content="width=device-width" />
<title>Zulip - Network Troubleshooting</title>
<link