import { BrowserPolicy } from 'meteor/browser-policy-common';

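Meteor.startup(() => {
  // Configure the framing (clickjacking) policy once at server start.
  // Two environment variables drive it:
  //   BROWSER_POLICY_ENABLED === 'true' -> deny framing, except by TRUSTED_URL when set
  //   any other value, or unset         -> framing allowed from every origin
  // The comparison is exact, so values such as 'TRUE' or '1' take the
  // permissive branch as well.

  if (process.env.BROWSER_POLICY_ENABLED === 'true') {
    // Trusted URL that can embed Wekan in an iframe.
    const trusted = process.env.TRUSTED_URL;

    // Start from deny-all; the trusted origin below is the only exception.
    BrowserPolicy.framing.disallow();

    // Inline scripts stay allowed, otherwise there are errors in the
    // browser inspector console. The content restrictions below are
    // therefore not applied.
    //BrowserPolicy.content.disallowInlineScripts();
    //BrowserPolicy.content.disallowEval();
    //BrowserPolicy.content.allowInlineStyles();
    //BrowserPolicy.content.allowFontDataUrl();

    // Relax the deny-all policy only when a trusted origin is actually
    // configured. With TRUSTED_URL unset or empty, calling
    // restrictToOrigin() would replace the deny policy set above with one
    // built from the value `undefined` (or an empty origin).
    if (trusted) {
      // NOTE(review): restrictToOrigin() is understood to be implemented
      // with the X-Frame-Options ALLOW-FROM directive, which current
      // browsers do not honour - confirm against the browser-policy
      // package in use, and consider a CSP frame-ancestors rule for the
      // trusted origin instead.
      BrowserPolicy.framing.restrictToOrigin(trusted);
    }
    //BrowserPolicy.content.allowScriptOrigin(trusted);
  } else {
    // Disable browser policy and allow all framing and including.
    // Use only on an internal LAN, not on the Internet: with framing
    // unrestricted, any site can embed this app in a frame.
    // NOTE(review): this is also what happens when BROWSER_POLICY_ENABLED
    // is not set at all, so the permissive policy is the default.
    BrowserPolicy.framing.allowAll();
    //BrowserPolicy.content.allowDataUrlForAll();
  }

  // Allow all images from anywhere
  //BrowserPolicy.content.allowImageOrigin('*');

  // If the Matomo URL is set, allow it. The allow-list calls are commented
  // out, so this branch currently changes nothing.
  const matomoUrl = process.env.MATOMO_ADDRESS;
  if (matomoUrl) {
    //BrowserPolicy.content.allowScriptOrigin(matomoUrl);
    //BrowserPolicy.content.allowImageOrigin(matomoUrl);
  }
});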