Files
pwap/pezkuwi-sdk-ui/packages/apps-electron/src/electron/contentSecurityPolicy.ts
T
pezkuwichain 971df8edba Rebrand: Remove 3rd party chains, update domains to PezkuwiChain
- Remove all 3rd party parachain configurations from endpoints:
  - productionRelayPolkadot.ts: Keep only system parachains
  - productionRelayDicle.ts: Keep only system parachains
  - testingRelayZagros.ts: Keep only system parachains
  - testingRelayTeyrChain.ts: Keep only system parachains

- Update domain references:
  - polkadot.js.org → pezkuwichain.app
  - wiki.polkadot.network → wiki.pezkuwichain.io
  - dotapps.io → pezkuwichain.app
  - statement.polkadot.network → docs.pezkuwichain.io/statement
  - support.polkadot.network → docs.pezkuwichain.io

- Update repository references:
  - github.com/pezkuwi-js/apps → github.com/pezkuwichain/pwap

- Rename system parachains to Pezkuwi ecosystem:
  - PolkadotAssetHub → PezkuwiAssetHub
  - polkadotBridgeHub → pezkuwiBridgeHub
  - polkadotCollectives → pezkuwiCollectives
  - polkadotCoretime → pezkuwiCoretime
  - polkadotPeople → pezkuwiPeople

- Update network name in claims utility:
  - Polkadot → Pezkuwi
2026-01-09 03:08:11 +03:00

30 lines
1.2 KiB
TypeScript

// Copyright 2017-2026 @pezkuwi/apps authors & contributors
// SPDX-License-Identifier: Apache-2.0
import type { HeadersReceivedResponse } from 'electron';
import { session } from 'electron';
export function setupContentSecurityPolicy (_: string): void {
session.defaultSession.webRequest.onHeadersReceived((details, respond: (response: HeadersReceivedResponse) => void) => {
respond({
responseHeaders: {
...details.responseHeaders,
'Content-Security-Policy': [
"default-src 'self';" +
" style-src-elem 'self' https://fonts.googleapis.com/css 'unsafe-inline';" +
" font-src data: 'self' https://fonts.gstatic.com;" +
" style-src 'unsafe-inline';" +
" connect-src 'self' wss: ws:;" +
" img-src 'self' data:;" +
// react-qr-reader uses an embedded blob
" worker-src 'self' blob: filesystem:;" +
// unsafe-eval is needed for the WASM content - same as the extension
// script hashes here are for the window.top script (not technically needed)
" script-src 'self' 'unsafe-eval' 'sha256-02/ejyoV/iwRdJ4NAsxjzF6WVUtLMPM6Nv96EbAm6u8=' 'sha256-wW/WsLudCDaPo/ibpeK0KslHqYpCzcAKNFxFBXwCHJg='"
]
}
});
});
}