search

ChilliCream / graphql-platform

Welcome to the home of the Hot Chocolate GraphQL server for .NET, the Strawberry Shake GraphQL client for .NET and Banana Cake Pop the awesome Monaco based GraphQL IDE.
https://chillicream.com
MIT License
5.25k stars 744 forks source link

Add Content-Security-Policy to the UI #4178

Open vanillajonathan opened 3 years ago

vanillajonathan commented 3 years ago

Is your feature request related to a problem?

Banana Cake Pop sends no Content-Security-Policy HTTP header to the browser.

https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

The solution you'd like

Add a Content-Security-Policy (CSP) HTTP header to Banana Cake Pop in order to increase the security.

Product

Banana Cake Pop

vanillajonathan commented 2 years ago

https://docs.microsoft.com/en-us/aspnet/core/blazor/fundamentals/startup?view=aspnetcore-6.0#control-headers-in-c-code