[31/50] couchdb commit: updated refs/heads/1.6.x to eeb31cb

Wed, 13 Aug 2014 16:26:34 -0700 

Fauxton: Content Security Policy optional for dev

This just makes the content security policy optional for
development.


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/672cacb8
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/672cacb8
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/672cacb8

Branch: refs/heads/1.6.x
Commit: 672cacb8060e9fdbe0d08e0b5aa36fbc7b898cc6
Parents: aca4bc7
Author: Garren Smith <[email protected]>
Authored: Tue Jun 10 15:19:32 2014 +0200
Committer: Garren Smith <[email protected]>
Committed: Wed Jun 11 11:21:34 2014 +0200

----------------------------------------------------------------------
 src/fauxton/tasks/couchserver.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/672cacb8/src/fauxton/tasks/couchserver.js
----------------------------------------------------------------------
diff --git a/src/fauxton/tasks/couchserver.js b/src/fauxton/tasks/couchserver.js
index 3a17ab6..8e95c5c 100644
--- a/src/fauxton/tasks/couchserver.js
+++ b/src/fauxton/tasks/couchserver.js
@@ -25,7 +25,8 @@ module.exports = function (grunt) {
     // Options
     var dist_dir = options.dist || './dist/debug/',
         app_dir = './app',
-        port = options.port || 8000;
+        port = options.port || 8000,
+        setContentSecurityPolicy = 
_.isUndefined(options.contentSecurityPolicy) ? true : 
options.contentSecurityPolicy;
 
     // Proxy options with default localhost
     var proxy_settings = options.proxy || {
@@ -47,9 +48,11 @@ module.exports = function (grunt) {
           accept = req.headers.accept.split(','),
           filePath;
 
-      var headerValue = "default-src 'self'; img-src 'self'; font-src 'self'; 
" +
-                        "script-src 'self' 'unsafe-eval'; style-src 'self' 
'unsafe-inline';";
-      res.setHeader('Content-Security-Policy', headerValue);
+      if (setContentSecurityPolicy) {
+        var headerValue = "default-src 'self'; img-src 'self'; font-src 
'self'; " +
+                          "script-src 'self' 'unsafe-eval'; style-src 'self' 
'unsafe-inline';";
+        res.setHeader('Content-Security-Policy', headerValue);
+      }
 
       if (!!url.match(/^\/addons\/.*\/assets\/js/)) {
         filePath = path.join(app_dir, url.replace('/_utils/fauxton/',''));

Reply via email to