Hi folks, i´m making the migration to 0.8 and manage to be able to run a server and to expose via file-routes, it will fetch an app.js file.
(defn create-connector []
(-> (conn/default-connector-map "0.0.0.0" port)
(conn/with-default-interceptors)
(conn/with-interceptor
(secure-headers/secure-headers {:content-security-policy-settings "object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:;"}))
(conn/with-routes routes
(resources/file-routes {:file-root "resources/public"}))
(hk/create-connector nil)))
I added the secure-headers interceptor explicitly, but I noticed that in the interceptors queue it will hold 2 of them. Is this the best approach?What do you mean by “hold 2of them”?
{:port 8080, :host 0.0.0.0,
:router :sawtooth,
:interceptors [#Interceptor{:name :io.pedestal.http.tracing/tracing}
#Interceptor{:name :io.pedestal.service.interceptors/log-request}
#Interceptor{:name :io.pedestal.service.interceptors/not-found}
#Interceptor{:name :io.pedestal.http.ring-middlewares/content-type-interceptor}
#Interceptor{:name :io.pedestal.http.route/query-params}
#Interceptor{:name :io.pedestal.http.body-params/body-params}
#Interceptor{:name :io.pedestal.http.secure-headers/secure-headers}
#Interceptor{:name :io.pedestal.http.secure-headers/secure-headers}],
:initial-context {}, :join? false}the las 2 in the :interceptors are secure-headers
That is odd.
Ah, with-default-interceptors provides the secure-headers interceptor. Remember that with-default-interceptors is intended to be replaced with something application-specific that configures each of the interceptors just so.