wangbo/ComfyUI
1
0
Fork 0
mirror of https://github.com/comfyanonymous/ComfyUI.git synced 2026-05-11 09:42:34 +08:00
Code Issues Actions 14 Packages Projects Releases Wiki Activity

Merge 434e676915 into 7bbf1e8169

Browse Source
This commit is contained in:
Andray 2026-05-09 12:15:15 +04:00 committed by GitHub
commit d448f8aad0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server.py
View File

@ -193,8 +193,18 @@ def create_block_external_middleware():
response = web.Response() response = web.Response()
else: else:
response = await handler(request) response = await handler(request)
connectSrc = "'self' data:"
response.headers['Content-Security-Policy'] = "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self'; connect-src 'self' data:; frame-src 'self'; object-src 'self';" if args.enable_manager:
connectSrc += " " + args.comfy_api_base
response.headers['Content-Security-Policy'] = (
"default-src 'self'; "
"script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; "
"style-src 'self' 'unsafe-inline'; "
"img-src 'self' data: blob:; "
"font-src 'self'; "
f"connect-src {connectSrc}; "
"frame-src 'self'; "
"object-src 'self';")
return response return response
return block_external_middleware return block_external_middleware