diff --git a/src/Server.UI/DependencyInjection.cs b/src/Server.UI/DependencyInjection.cs index 8eb38cad..4f38aec8 100644 --- a/src/Server.UI/DependencyInjection.cs +++ b/src/Server.UI/DependencyInjection.cs @@ -147,6 +147,13 @@ public static WebApplication ConfigureServer(this WebApplication app, IConfigura app.UseAuthentication(); app.UseAuthorization(); + + app.Use((context, next) => + { + context.Request.Scheme = "https"; + return next(); + }); + app.Use(async (context, next) => { context.Response.Headers.Append("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; object-src 'self' data:; frame-src 'self' data:;");