openclaw/oikos
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of github.com:rafaelfoster/oikos

Browse Source
This commit is contained in:
Rafael Foster
2026-04-26 07:50:59 -03:00
parent 394b4ea84e e31231aa7b
commit b0c1b8b6f9
16 changed files with 275 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/index.js
+2 -5
View File
@@ -58,10 +58,10 @@ app.use(helmet({
// Alpine.js CDN (optional, falls verwendet)
'https://cdn.jsdelivr.net',
],
styleSrc: ["'self'", "'unsafe-inline'", 'https://cdn.jsdelivr.net'],
styleSrc: ["'self'", "'unsafe-inline'"],
imgSrc: ["'self'", 'data:'],
connectSrc: ["'self'"],
fontSrc: ["'self'", 'data:', 'https://cdn.jsdelivr.net'],
fontSrc: ["'self'"],
objectSrc: ["'none'"],
frameSrc: ["'none'"],
// upgrade-insecure-requests nur mit HTTPS aktivieren
@@ -177,9 +177,6 @@ function sendOpenApi(req, res) {
app.get('/api/v1/openapi.json', sendOpenApi);
app.get('/openapi.json', sendOpenApi);
app.get('/docs', (_req, res) => {
res.sendFile(path.join(import.meta.dirname, '..', 'public', 'doc-assets', 'swagger.html'));
});
// Alle weiteren API-Routen erfordern Authentifizierung + CSRF-Schutz
app.use('/api/v1', requireAuth);