Add HTTP security headers and CORS defaults
This commit is contained in:
@@ -17,3 +17,9 @@ YT_DOWNLOADS_PER_MINUTE=3
|
||||
# Optional local hardening. Set AUTH_ENABLED=true and choose a strong token.
|
||||
AUTH_ENABLED=false
|
||||
SPOOTY_AUTH_TOKEN=
|
||||
|
||||
|
||||
# Optional frontend origin restriction
|
||||
CORS_ORIGIN=http://localhost:4200
|
||||
|
||||
NODE_ENV=production
|
||||
|
||||
Reference in New Issue
Block a user