allow iframes for notes

This commit is contained in:
ThatOneCalculator 2023-06-06 21:00:16 -07:00
parent abe8474883
commit 90c0e4e9ed
No known key found for this signature in database
GPG key ID: 8703CACD01000000
3 changed files with 6 additions and 3 deletions

View file

@ -107,10 +107,9 @@ export default define(meta, paramDef, async (ps, user) => {
userId: user.id, userId: user.id,
}); });
if (antennas.length > 5 && !user.isAdmin) { if (antennas.length > 5 && !user.isAdmin) {
throw new ApiError(meta.errors.tooManyAntennas) throw new ApiError(meta.errors.tooManyAntennas);
} }
if (ps.src === "list" && ps.userListId) { if (ps.src === "list" && ps.userListId) {
userList = await UserLists.findOneBy({ userList = await UserLists.findOneBy({
id: ps.userListId, id: ps.userListId,

View file

@ -422,6 +422,10 @@ router.get("/notes/:note", async (ctx, next) => {
}); });
ctx.set("Cache-Control", "public, max-age=15"); ctx.set("Cache-Control", "public, max-age=15");
ctx.set(
"Content-Security-Policy",
"default-src 'self'; frame-ancestors '*'",
);
return; return;
} }

View file

@ -13,7 +13,7 @@
"packages/*/package-lock.json", "packages/*/package-lock.json",
"packages/backend/src/server/web/manifest.ts", "packages/backend/src/server/web/manifest.ts",
"packages/backend/built/", "packages/backend/built/",
"packages/backend/nsfw-model/", "*/model.json",
"packages/client/src/emojilist.json", "packages/client/src/emojilist.json",
"*.md", "*.md",
"**/tsconfig.json", "**/tsconfig.json",