Meteor browser policy

10/12/2015 - 4:53 AM

// First install the browser policy package:
// meteor add browser-policy

BrowserPolicy.framing.disallow();
BrowserPolicy.content.disallowInlineScripts();
BrowserPolicy.content.disallowEval();
BrowserPolicy.content.allowInlineStyles();
BrowserPolicy.content.allowFontDataUrl();

// Change these to whatever services your app needs access to
trusted = [
  '*.google-analytics.com', 
  '*.googleapis.com', 
  '*.gstatic.com', 
  '*.stripe.com', 
  '*.facebook.com', 
  '*.akamaihd.net', 
  '*.github.com', 
  '*.disquscdn.com', 
  '*.cloudfront.net'
];

_.each(trusted, function(origin) {
  return BrowserPolicy.content.allowOriginForAll(origin);
});

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

Meteor browser policy