A301/a301_server
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: Swagger CSP에 validator.swagger.io 이미지 허용 추가
All checks were successful
Server CI/CD / lint-and-build (push) Successful in 12s
Details
Server CI/CD / deploy (push) Successful in 53s
Details

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
tolelom
2026-03-17 09:23:27 +09:00
parent 635dfb3221
commit 333cfa7911
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/middleware/security.go
View File

@@ -14,7 +14,7 @@ func SecurityHeaders(c *fiber.Ctx) error {
c.Set("Referrer-Policy", "strict-origin-when-cross-origin") c.Set("Referrer-Policy", "strict-origin-when-cross-origin")
if strings.HasPrefix(c.Path(), "/swagger") { if strings.HasPrefix(c.Path(), "/swagger") {
c.Set("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'") c.Set("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://validator.swagger.io; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'")
} else { } else {
c.Set("Content-Security-Policy", "default-src 'none'; frame-ancestors 'none'") c.Set("Content-Security-Policy", "default-src 'none'; frame-ancestors 'none'")
} }