diff --git a/backend/src/middleware/security.js b/backend/src/middleware/security.js index 4129c02..2a5b17d 100644 --- a/backend/src/middleware/security.js +++ b/backend/src/middleware/security.js @@ -9,7 +9,7 @@ export const setupSecurity = (app) => { directives: { defaultSrc: ["'self'"], styleSrc: ["'self'", "'unsafe-inline'"], - scriptSrc: ["'self'"], + scriptSrc: ["'self'", "https://static.cloudflareinsights.com", "'unsafe-inline'"], imgSrc: ["'self'", 'data:', 'https:'], }, }, diff --git a/k8s/app.yaml b/k8s/app.yaml index d8e7af3..243c729 100644 --- a/k8s/app.yaml +++ b/k8s/app.yaml @@ -22,6 +22,8 @@ spec: env: - name: NODE_ENV value: "production" + - name: CORS_ORIGIN + value: "https://market.applaude.net" - name: USE_PYTHON_SERVICE value: "false" - name: DATABASE_URL