fix websocket debug

This commit is contained in:
Felix Ableitner 2022-04-19 13:52:06 +02:00 committed by Nutomic
parent 7e164d820d
commit ef669cfa94
2 changed files with 10 additions and 4 deletions

View file

@ -11,7 +11,7 @@ import process from "process";
import serialize from "serialize-javascript"; import serialize from "serialize-javascript";
import { App } from "../shared/components/app/app"; import { App } from "../shared/components/app/app";
import { SYMBOLS } from "../shared/components/common/symbols"; import { SYMBOLS } from "../shared/components/common/symbols";
import { httpBaseInternal } from "../shared/env"; import { httpBaseInternal, wsUriBase } from "../shared/env";
import { import {
ILemmyConfig, ILemmyConfig,
InitialFetchRequest, InitialFetchRequest,
@ -28,9 +28,14 @@ const extraThemesFolder =
process.env["LEMMY_UI_EXTRA_THEMES_FOLDER"] || "./extra_themes"; process.env["LEMMY_UI_EXTRA_THEMES_FOLDER"] || "./extra_themes";
server.use(function (_req, res, next) { server.use(function (_req, res, next) {
// in debug mode, websocket backend may be on another port, so we need to permit it in csp policy
var websocketBackend;
if (process.env.NODE_ENV == "development") {
websocketBackend = wsUriBase;
}
res.setHeader( res.setHeader(
"Content-Security-Policy", "Content-Security-Policy",
"default-src 'none'; connect-src 'self'; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'" `default-src 'none'; connect-src 'self' ${websocketBackend}; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'`
); );
next(); next();
}); });

View file

@ -1,6 +1,6 @@
import { isBrowser } from "./utils"; import { isBrowser } from "./utils";
const testHost = "127.0.0.1:8536"; const testHost = "0.0.0.0:8536";
let internalHost = let internalHost =
(!isBrowser() && process.env.LEMMY_INTERNAL_HOST) || testHost; // used for local dev (!isBrowser() && process.env.LEMMY_INTERNAL_HOST) || testHost; // used for local dev
@ -35,7 +35,8 @@ if (isBrowser()) {
export const httpBaseInternal = `http://${host}`; // Don't use secure here export const httpBaseInternal = `http://${host}`; // Don't use secure here
export const httpBase = `http${secure}://${host}`; export const httpBase = `http${secure}://${host}`;
export const wsUri = `ws${secure}://${wsHost}/api/v3/ws`; export const wsUriBase = `ws${secure}://${wsHost}`;
export const wsUri = `${wsUriBase}/api/v3/ws`;
export const pictrsUri = `${httpBase}/pictrs/image`; export const pictrsUri = `${httpBase}/pictrs/image`;
export const isHttps = secure.endsWith("s"); export const isHttps = secure.endsWith("s");