|
|
|
@ -14,6 +14,30 @@ if (process.env.NODE_ENV == 'production') {
|
|
|
|
|
app.use(require('koa-logger')());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
app.use(require('koa-helmet')({
|
|
|
|
|
hsts: false,
|
|
|
|
|
frameguard: {
|
|
|
|
|
action: 'deny'
|
|
|
|
|
},
|
|
|
|
|
referrerPolicy: {
|
|
|
|
|
policy: 'strict-origin'
|
|
|
|
|
},
|
|
|
|
|
contentSecurityPolicy: {
|
|
|
|
|
directives: {
|
|
|
|
|
'default-src': ["'none'"],
|
|
|
|
|
'base-uri': ["'none'"],
|
|
|
|
|
'connect-src': ["'self'"],
|
|
|
|
|
'font-src': ["'self'", 'https://fonts.gstatic.com'],
|
|
|
|
|
'form-action': ["'self'"],
|
|
|
|
|
'frame-ancestors': ["'none'"],
|
|
|
|
|
'img-src': ["'self'", 'https:', 'data:'],
|
|
|
|
|
'object-src': ["'none'"],
|
|
|
|
|
'script-src': ["'self'", 'https://cdnjs.cloudflare.com', 'https://code.jquery.com'],
|
|
|
|
|
'style-src': ["'self'", 'https://fonts.googleapis.com', 'https://cdnjs.cloudflare.com'],
|
|
|
|
|
'block-all-mixed-content': true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}));
|
|
|
|
|
app.use(require('koa-compress')());
|
|
|
|
|
app.use(require('koa-static-cache')(path.join(__dirname, 'public'), {
|
|
|
|
|
maxAge: config.cacheAge
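Review bot: The `'script-src'` entry allow-lists the whole of `https://cdnjs.cloudflare.com` and `https://code.jquery.com`, so every script those hosts serve is permitted, including old library versions the pages never meant to load. A host-wide CDN entry is a common reason a CSP ends up weaker than it reads. Narrowing each source to the path actually used, e.g. `'https://cdnjs.cloudflare.com/ajax/libs/<library>/<version>/'` (placeholder), or self-hosting those files and keeping only `'self'`, would tighten it. Separately, `hsts: false` turns off Strict-Transport-Security with no stated reason; if a proxy in front of the app sends the header, a comment such as `// HSTS is sent by the TLS-terminating proxy` should say so, otherwise leave it enabled. `'block-all-mixed-content': true` passes a boolean where the other directives pass arrays, and whether that is accepted depends on the koa-helmet version, which is not visible in this hunk.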
|
|
|
|
|