Merge pull request #23 from Beyond-Better/staging

cngarrison · web-flow · commit 72dad499b511 · 2025-10-09T02:43:04.000+11:00
added Content-Security-Policy headers to both response methods in DocsEndpointHandler.ts
diff --git a/deno.jsonc b/deno.jsonc
@@ -1,6 +1,6 @@
 {
   "name": "@beyondbetter/bb-mcp-server",
-  "version": "0.1.11",
+  "version": "0.1.12",
   "description": "Comprehensive library for building Deno-based MCP servers",
   "license": "MIT",
   "copyright": "2025 - Beyond Better <charlie@beyondbetter.app>",
diff --git a/src/lib/server/DocsEndpointHandler.ts b/src/lib/server/DocsEndpointHandler.ts
@@ -640,6 +640,7 @@ export class DocsEndpointHandler {
       headers: {
         'Content-Type': 'text/html; charset=utf-8',
         'Cache-Control': 'public, max-age=3600',
+        'Content-Security-Policy': "default-src 'self'; style-src 'self' https://cdn.jsdelivr.net 'unsafe-inline'; script-src 'self'; img-src 'self' data:; font-src 'self' data:;",
       },
     });
   }
@@ -671,6 +672,7 @@ export class DocsEndpointHandler {
       status,
       headers: {
         'Content-Type': 'text/html; charset=utf-8',
+        'Content-Security-Policy': "default-src 'self'; style-src 'self' https://cdn.jsdelivr.net 'unsafe-inline'; script-src 'self'; img-src 'self' data:; font-src 'self' data:;",
       },
     });
   }

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@beyondbetter/bb-mcp-server",`
`3`		`- "version": "0.1.11",`
	`3`	`+ "version": "0.1.12",`
`4`	`4`	`"description": "Comprehensive library for building Deno-based MCP servers",`
`5`	`5`	`"license": "MIT",`
`6`	`6`	`"copyright": "2025 - Beyond Better <charlie@beyondbetter.app>",`