fix: support port 8443 origin for WebAuthn passkeys and CORS

This commit is contained in:
Gan, Jimmy
2026-02-26 02:00:29 +08:00
parent 9305ce05cd
commit 332696689a
3 changed files with 5 additions and 5 deletions
+1 -1
View File
@@ -41,7 +41,7 @@ async def security_headers(request: Request, call_next):
response.headers["X-Frame-Options"] = "DENY"
response.headers["X-XSS-Protection"] = "1; mode=block"
response.headers["Referrer-Policy"] = "strict-origin-when-cross-origin"
response.headers["Content-Security-Policy"] = "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' wss://nas.jimmygan.com; frame-ancestors 'none'"
response.headers["Content-Security-Policy"] = "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' wss://nas.jimmygan.com wss://nas.jimmygan.com:8443; frame-ancestors 'none'"
return response
# Audit logger