2020-02-08 23:26:57 +01:00
|
|
|
import { session } from 'electron';
|
2020-04-10 05:02:19 +02:00
|
|
|
import { injectable } from 'inversify';
|
2020-03-03 23:44:44 +01:00
|
|
|
import { isDev } from '../../core/dev';
|
2020-02-08 23:26:57 +01:00
|
|
|
import { ISession } from './i-session';
|
2020-03-03 23:44:44 +01:00
|
|
|
import OnHeadersReceivedListenerDetails = Electron.OnHeadersReceivedListenerDetails;
|
2020-02-08 23:26:57 +01:00
|
|
|
|
|
|
|
@injectable()
|
|
|
|
export class Session implements ISession {
|
|
|
|
public setHeaders(): void {
|
|
|
|
// these headers only work on web requests, file:// protocol is handled via meta tags in the html
|
|
|
|
session.defaultSession.webRequest.onHeadersReceived(
|
2020-03-03 23:44:44 +01:00
|
|
|
(details: OnHeadersReceivedListenerDetails, callback: (response: {}) => void) => {
|
2020-02-08 23:26:57 +01:00
|
|
|
callback({
|
|
|
|
responseHeaders: {
|
|
|
|
...details.responseHeaders,
|
2020-03-03 23:44:44 +01:00
|
|
|
'Content-Security-Policy': isDev()
|
|
|
|
? [
|
|
|
|
'default-src devtools:;' +
|
|
|
|
"script-src 'unsafe-eval';" +
|
|
|
|
"script-src-elem devtools: 'sha256-hl04hLzKBpmsfWF2wIA/0Vs6ZNV5T9ZNFY//3uXrgSk=';" +
|
|
|
|
"style-src devtools: 'unsafe-inline';" +
|
|
|
|
'connect-src devtools: data:',
|
|
|
|
]
|
|
|
|
: ["default-src 'none'"],
|
2020-02-08 23:26:57 +01:00
|
|
|
},
|
|
|
|
});
|
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|