|
|
@@ -8,27 +8,27 @@ Meteor.startup(() => {
|
|
|
BrowserPolicy.framing.disallow();
|
|
|
//Allow inline scripts, otherwise there is errors in browser/inspect/console
|
|
|
//BrowserPolicy.content.disallowInlineScripts();
|
|
|
- BrowserPolicy.content.disallowEval();
|
|
|
- BrowserPolicy.content.allowInlineStyles();
|
|
|
- BrowserPolicy.content.allowFontDataUrl();
|
|
|
+ //BrowserPolicy.content.disallowEval();
|
|
|
+ //BrowserPolicy.content.allowInlineStyles();
|
|
|
+ //BrowserPolicy.content.allowFontDataUrl();
|
|
|
BrowserPolicy.framing.restrictToOrigin(trusted);
|
|
|
- BrowserPolicy.content.allowScriptOrigin(trusted);
|
|
|
+ //BrowserPolicy.content.allowScriptOrigin(trusted);
|
|
|
}
|
|
|
else {
|
|
|
// Disable browser policy and allow all framing and including.
|
|
|
// Use only at internal LAN, not at Internet.
|
|
|
BrowserPolicy.framing.allowAll();
|
|
|
- BrowserPolicy.content.allowDataUrlForAll();
|
|
|
+ //BrowserPolicy.content.allowDataUrlForAll();
|
|
|
}
|
|
|
|
|
|
// Allow all images from anywhere
|
|
|
- BrowserPolicy.content.allowImageOrigin('*');
|
|
|
+ //BrowserPolicy.content.allowImageOrigin('*');
|
|
|
|
|
|
// If Matomo URL is set, allow it.
|
|
|
const matomoUrl = process.env.MATOMO_ADDRESS;
|
|
|
if (matomoUrl){
|
|
|
- BrowserPolicy.content.allowScriptOrigin(matomoUrl);
|
|
|
- BrowserPolicy.content.allowImageOrigin(matomoUrl);
|
|
|
+ //BrowserPolicy.content.allowScriptOrigin(matomoUrl);
|
|
|
+ //BrowserPolicy.content.allowImageOrigin(matomoUrl);
|
|
|
}
|
|
|
|
|
|
});
|
Lauri Ojansivu