Software /
code /
prosody-modules
Diff
mod_rest/apidemo.lib.lua @ 4550:0befc680970b
mod_rest/apidemo: Disable validator
How nice of them to leak the URL of every schema to them by default.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 25 Apr 2021 17:09:22 +0200 |
parent | 4528:fd15e7f00ff5 |
child | 4728:1c6d353550cc |
line wrap: on
line diff
--- a/mod_rest/apidemo.lib.lua Sun Apr 25 16:53:08 2021 +0200 +++ b/mod_rest/apidemo.lib.lua Sun Apr 25 17:09:22 2021 +0200 @@ -17,6 +17,7 @@ -- SUCH HACK, VERY GSUB, WOW! index = index:gsub("(%s?url%s*:%s*)%b\"\"", string.format("%%1%q", module:http_url().."/demo/openapi.yaml"), 1); + index = index:gsub("(%s*SwaggerUIBundle%s*%(%s*{)(%s*)", "%1%2validatorUrl: false,%2"); end do @@ -40,6 +41,7 @@ _M.main_page = { headers = { content_type = "text/html"; + content_security_policy = "default-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'none'"; }; body = index; }