chore(entry.server): only upgrade-insecure-requests if production a…
…nd host isnt localhost

Signed-off-by: Logan McAnsh <logan@mcan.sh>
mcansh committed Dec 6, 2024
1 parent b13da14 commit b8407b8
Showing 2 changed files with 4 additions and 1 deletion.
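--- a/app/entry.server.tsx
+++ b/app/entry.server.tsx
@@ -116,7 +116,9 @@ function applySecurityHeaders(request: Request, responseHeaders: Headers) {
 let nonce = createNonce();
 let securityHeaders = createSecureHeaders({
 "Content-Security-Policy": {
-"upgrade-insecure-requests": process.env.NODE_ENV === "production",
+"upgrade-insecure-requests":
+process.env.NODE_ENV === "production" &&
+!url.host.includes("localhost"),
 "default-src": ["'none'"],
 "base-uri": ["'self'"],
 "img-src": [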
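Review bot: The new `!url.host.includes("localhost")` condition is a substring test on a request-derived value, so in production any host that merely contains `localhost` (for example `localhost.example.com`) loses the `upgrade-insecure-requests` directive, while loopback addresses such as `127.0.0.1` still receive it. `url` is defined outside the hunk; if it is built from `request.url`, the host probably reflects the client-supplied Host header, which is a weak input for deciding whether a security directive is emitted. An exact comparison is tighter, `process.env.NODE_ENV === "production" && url.hostname !== "localhost",`, and an explicit opt-out environment variable set only by the local start script would avoid trusting the request at all. applySecurityHeaders begins before and continues past the hunk, so how `url` is derived should be confirmed there.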
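--- a/package.json
+++ b/package.json
@@ -20,6 +20,7 @@
 "prepare": "node ./scripts/prepare.js",
 "dev": "cross-env NODE_ENV=development node --watch-path ./server.js ./server.js",
 "start": "cross-env NODE_ENV=production node ./server.js",
+"start:local": "cross-env NODE_ENV=production node --env-file=./.env ./server.js",
 "knip": "knip-bun"
 },
 "dependencies": {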
