fix(mukke): add media-src to CSP for audio playback from MinIO

Add mediaSrc option to shared security headers and configure mukke
to allow audio loading from minio.mana.how (S3 presigned URLs).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Till JS 2026-03-23 09:40:56 +01:00
parent ae0ba94fce
commit 807c5da26e
3 changed files with 42 additions and 2 deletions


@ -14,6 +14,7 @@ const PUBLIC_MANA_CORE_AUTH_URL_CLIENT =
const PUBLIC_BACKEND_URL_CLIENT =
process.env.PUBLIC_BACKEND_URL_CLIENT || process.env.PUBLIC_BACKEND_URL || '';
const PUBLIC_GLITCHTIP_DSN = process.env.PUBLIC_GLITCHTIP_DSN || '';
const S3_PUBLIC_ENDPOINT = process.env.S3_PUBLIC_ENDPOINT || 'https://minio.mana.how';
export const handle: Handle = async ({ event, resolve }) => {
const response = await resolve(event, {
@ -30,7 +31,9 @@ window.__PUBLIC_GLITCHTIP_DSN__ = "${PUBLIC_GLITCHTIP_DSN}";
});
setSecurityHeaders(response, {
connectSrc: [PUBLIC_MANA_CORE_AUTH_URL_CLIENT, PUBLIC_BACKEND_URL_CLIENT],
connectSrc: [PUBLIC_MANA_CORE_AUTH_URL_CLIENT, PUBLIC_BACKEND_URL_CLIENT, S3_PUBLIC_ENDPOINT],
mediaSrc: [S3_PUBLIC_ENDPOINT, 'blob:'],
imgSrc: [S3_PUBLIC_ENDPOINT],
});
return response;
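Review bot: The `setSecurityHeaders` call also adds `S3_PUBLIC_ENDPOINT` to `connectSrc` and `imgSrc`, while the commit message only covers `media-src` for audio playback, so the policy now permits fetch/XHR and image loads against the whole storage origin without a stated reason. If only playback is needed, keep `connectSrc: [PUBLIC_MANA_CORE_AUTH_URL_CLIENT, PUBLIC_BACKEND_URL_CLIENT]` and drop the `imgSrc` line; if the client does talk to MinIO directly or render images from it, record that next to the call, e.g. `// connect-src/img-src: client also fetches and renders objects from the S3 endpoint`. The new constant in the first hunk falls back to `'https://minio.mana.how'`, unlike the neighbouring constants that fall back to `''`, so an environment with the variable unset silently allows the production storage host; `process.env.S3_PUBLIC_ENDPOINT || ''` would be consistent, assuming `setSecurityHeaders` skips empty entries as it appears to for the other values. The body of `handle` continues outside the hunk.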