adm_tueit/TueIT_App
2
0
Fork 0
Code Issues 3 Pull Requests 3 Packages Projects Releases Wiki Activity

made server connections work

Browse Source
This commit is contained in:
www-data
2024-02-16 16:15:04 +00:00
parent e18c605c8c
commit fb59fb756e
7 changed files with 114 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/middleware/cors.ts Normal file
View File

@ -0,0 +1,14 @@
export default defineEventHandler((event) => {
event.headers.append('Access-Control-Allow-Origin', 'https://tueitapp.tueit.de');
event.headers.append('Access-Control-Allow-Headers', 'content-type');
event.headers.append('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE');
event.headers.append('Access-Control-Allow-Credentials', 'true');
event.headers.append('Access-Control-Options', 'true');
event.headers.append('Access-Control-Expose-Headers', 'Content-Length,Content-Range');
event.headers.append('Access-Control-Max-Age', '600');
event.headers.append('crossOriginResourcePolicy', 'same-origin');
event.headers.append('crossOriginOpenerPolicy', 'same-origin');
event.headers.append('crossOriginEmbedderPolicy', 'require-corp');
event.headers.append('contentSecurityPolicy', "default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests");
event.headers.append('X-XSS-Protection', '1');
})