fix: backend issue
This commit is contained in:
parent
0758e38237
commit
95df69b06c
1 changed files with 12 additions and 8 deletions
|
@ -1,6 +1,5 @@
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import megalodon, { Entity, MegalodonInterface } from 'megalodon';
|
import megalodon, { Entity, MegalodonInterface } from 'megalodon';
|
||||||
import multipart from '@fastify/multipart';
|
|
||||||
import { IsNull } from 'typeorm';
|
import { IsNull } from 'typeorm';
|
||||||
import multer from 'fastify-multer';
|
import multer from 'fastify-multer';
|
||||||
import type { UsersRepository } from '@/models/_.js';
|
import type { UsersRepository } from '@/models/_.js';
|
||||||
|
@ -41,15 +40,20 @@ export class MastodonApiServerService {
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
fastify.register(multer.contentParser);
|
fastify.addHook('onRequest', (request, reply, done) => {
|
||||||
|
reply.header('Content-Security-Policy', `default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline';
|
||||||
fastify.register(multipart, {
|
script-src * data: blob: 'unsafe-inline' 'unsafe-eval';
|
||||||
limits: {
|
connect-src * data: blob: 'unsafe-inline';
|
||||||
fileSize: this.config.maxFileSize ?? 262144000,
|
img-src * data: blob: 'unsafe-inline';
|
||||||
files: 1,
|
frame-src * data: blob: ;
|
||||||
},
|
style-src * data: blob: 'unsafe-inline';
|
||||||
|
font-src * data: blob: 'unsafe-inline';
|
||||||
|
frame-ancestors * data: blob: 'unsafe-inline';`);
|
||||||
|
done();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
fastify.register(multer.contentParser);
|
||||||
|
|
||||||
fastify.get('/v1/custom_emojis', async (_request, reply) => {
|
fastify.get('/v1/custom_emojis', async (_request, reply) => {
|
||||||
const BASE_URL = `${_request.protocol}://${_request.hostname}`;
|
const BASE_URL = `${_request.protocol}://${_request.hostname}`;
|
||||||
const accessTokens = _request.headers.authorization;
|
const accessTokens = _request.headers.authorization;
|
||||||
|
|
Loading…
Reference in a new issue