finicky9298/quixotic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix lighthouse

Browse Source
This commit is contained in:
Andrey Kondratev
2025-11-07 14:20:36 +05:00
parent 0110301a60
commit bd0a0cca28
3 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
public/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 111 KiB

2
public/index.html
View File

@@ -10,6 +10,8 @@
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="0">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<link rel="icon" type="image/x-icon" href="/favicon.ico">
<link rel="stylesheet" href="style.css">
<script src="https://telegram.org/js/telegram-web-app.js"></script>

21
src/server.ts
View File

@@ -19,6 +19,25 @@ const soundcloud = new SoundCloudService();
// Middleware
app.use(express.json());
app.use((req: Request, res: Response, next) => {
res.set('Content-Security-Policy',
'default-src \'self\'; ' +
'script-src \'self\' https://telegram.org \'unsafe-inline\'; ' +
'style-src \'self\' \'unsafe-inline\'; ' +
'img-src \'self\' data: https:; ' +
'font-src \'self\'; ' +
'connect-src \'self\' https://telegram.org; ' +
'frame-ancestors \'self\'; ' +
'base-uri \'self\'; ' +
'form-action \'self\''
);
res.set('Strict-Transport-Security', 'max-age=31536000; includeSubDomains; preload');
res.set('Cross-Origin-Opener-Policy', 'same-origin');
res.set('X-Frame-Options', 'SAMEORIGIN');
res.set('X-Content-Type-Options', 'nosniff');
res.set('Referrer-Policy', 'strict-origin-when-cross-origin');
next();
});
// Cache-busting middleware for iOS Safari
app.use('/dist/*.js', (req: Request, res: Response, next) => {
@@ -90,7 +109,7 @@ app.post('/api/search', async (req: Request, res: Response) => {
// Convert video to MP3
app.post('/api/convert', async (req: Request, res: Response) => {
try {
const { videoId, title, userId, url, performer }: { videoId?: string; title?: string; userId?: string; url?: string; performer?: string } = req.body;
const { videoId, title, userId, url }: { videoId?: string; title?: string; userId?: string; url?: string } = req.body;
console.log('Convert request received:', { videoId, title, userId });
if (!videoId) {