commit | 7a78a2543e89c50bc0d839c9a7b31c52befd193f | [log] [tgz] |
---|---|---|
author | plainheart <yhen@all-my-life.cn> | Sun May 01 18:00:06 2022 +0800 |
committer | plainheart <yhen@all-my-life.cn> | Sun May 01 18:00:22 2022 +0800 |
tree | 91337a7a061e2ac293e4a2a77bcc57743b542b34 | |
parent | 27aa32c7716b9ba089f666ba68380054917f6541 [diff] |
fix: set CSP `frame-src` to `'none'`
diff --git a/src/editor/sandbox/index.js b/src/editor/sandbox/index.js index 1574953..b237a60 100644 --- a/src/editor/sandbox/index.js +++ b/src/editor/sandbox/index.js
@@ -68,7 +68,7 @@ 'npm.elemecdn.com' ].map((domain) => 'https://' + domain) ), - 'frame-src': [`'self'`, 'https://*.apache.org'], + 'frame-src': [`'none'`], 'object-src': [`'none'`], 'navigate-to': [`'none'`], 'worker-src': [`'none'`]