This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2019-05-28
Channels
- # announcements (11)
- # aws (30)
- # beginners (98)
- # calva (11)
- # cider (42)
- # clj-kondo (4)
- # cljdoc (1)
- # cljsrn (5)
- # clojure (132)
- # clojure-europe (4)
- # clojure-ireland (1)
- # clojure-italy (35)
- # clojure-japan (2)
- # clojure-nl (5)
- # clojure-spec (5)
- # clojure-uk (24)
- # clojurescript (71)
- # clojutre (1)
- # core-async (6)
- # cursive (9)
- # data-science (4)
- # datascript (3)
- # datomic (78)
- # duct (16)
- # emacs (14)
- # events (2)
- # fulcro (141)
- # graalvm (5)
- # hoplon (14)
- # hyperfiddle (2)
- # jobs-discuss (14)
- # joker (8)
- # luminus (2)
- # off-topic (7)
- # om (1)
- # pathom (4)
- # pedestal (7)
- # planck (2)
- # quil (1)
- # re-frame (14)
- # reagent (2)
- # reitit (14)
- # robots (1)
- # shadow-cljs (20)
- # spacemacs (25)
- # specter (1)
- # sql (122)
- # tools-deps (63)
- # unrepl (2)
- # yada (34)
How do I tweak Content Security Policy in Pedestal?
Inside service-map
::http/port 8080
::http/secure-headers {:content-security-policy-settings content-security-policy-settings}
...
✔️ 4
docs here https://cljdoc.org/d/io.pedestal/pedestal.service/0.5.5/api/io.pedestal.http.secure-headers @ahmed1hsn
👍 4
docs aren't awesome, but you can checkout the sources. it's just a bunch of string concat/join
So, If I have set up http/secure-headers in service-map
I do not need to include <meta http-equiv="Content-Security-Policy" content="default-src
Tag in html. Right?
Yep. Choose one method (headers or meta-tags). https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta#attr-http-equiv
🙂 4