Compare commits


2 Commits

Author SHA1 Message Date
posimai e572dc710e fix: magic link JWT (?token=) を先頭スクリプトで localStorage に保存
Made-with: Cursor
2026-04-21 09:17:07 +09:00
posimai e17d2941e3 fix(csp): style-src に posimai-ui.vercel.app を追加(base.css ブロック修正)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:27:28 +09:00
2 changed files with 21 additions and 1 deletions


@ -4,6 +4,26 @@
<head>
<meta charset="UTF-8">
<meta name="robots" content="noindex, nofollow">
<!-- JWT / init_keyAuth Gate より先に実行) -->
<script>
(function () {
var u = new URLSearchParams(window.location.search);
var token = u.get('token');
var initKey = u.get('init_key');
if (token) {
localStorage.setItem('posimai_token', token);
u.delete('token');
}
if (initKey) {
localStorage.setItem('posimai_api_key', initKey);
u.delete('init_key');
}
if (token || initKey) {
var newUrl = window.location.pathname + (u.toString() ? '?' + u.toString() : '') + window.location.hash;
window.history.replaceState({}, '', newUrl);
}
})();
</script>
<!-- Auth Gate -->
<script>
(function () {
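Review bot: The new head script writes whatever arrives in `?token=` or `?init_key=` straight into localStorage, with no shape check and no regard for a credential already stored, so any link opened on this origin can silently replace `posimai_token` / `posimai_api_key`; it also calls `setItem` before the URL clean-up, so a storage exception (quota, storage disabled) aborts the function and leaves the secret in the address bar and history. Secrets carried in a query string are also recorded by server and proxy access logs before this script runs, and the CSP in the second file still permits `'unsafe-inline'` and `'unsafe-eval'` scripts, which can read localStorage. I would scrub the URL first, guard the writes, and reject values that do not look like the expected credential, as sketched below; longer term, a single-use code exchanged server-side for an HttpOnly cookie would keep the JWT out of both the URL and script-readable storage. The Auth Gate script that presumably consumes these keys starts on the last two lines of the hunk and continues outside it, so how it validates the stored values is not visible here.

```html
<script>
(function () {
    var u = new URLSearchParams(window.location.search);
    var token = u.get('token');
    var initKey = u.get('init_key');
    if (token === null && initKey === null) return;

    // Scrub first so a storage failure cannot leave the secret in the URL or history.
    u.delete('token');
    u.delete('init_key');
    var rest = u.toString();
    window.history.replaceState({}, '', window.location.pathname + (rest ? '?' + rest : '') + window.location.hash);

    // Assumes the magic-link token is a signed, three-segment JWT (confirm against the issuer).
    var jwtShape = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/;
    try {
        if (token && jwtShape.test(token)) localStorage.setItem('posimai_token', token);
        // The init_key format is not visible in this diff; add the matching shape check here.
        if (initKey) localStorage.setItem('posimai_api_key', initKey);
    } catch (e) {
        // Storage unavailable: nothing is persisted, the page continues unauthenticated.
    }
})();
</script>
```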


@ -19,7 +19,7 @@
},
{
"key": "Content-Security-Policy",
"value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://unpkg.com https://cdn.jsdelivr.net https://esm.sh; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com; font-src 'self' data: https://fonts.gstatic.com; img-src 'self' data: https:; media-src 'self' https:; connect-src 'self' https://api.soar-enrich.com wss://api.soar-enrich.com https:; worker-src 'self'; frame-ancestors 'none';"
"value": "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://unpkg.com https://cdn.jsdelivr.net https://esm.sh; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://posimai-ui.vercel.app; font-src 'self' data: https://fonts.gstatic.com; img-src 'self' data: https:; media-src 'self' https:; connect-src 'self' https://api.soar-enrich.com wss://api.soar-enrich.com https:; worker-src 'self'; frame-ancestors 'none';"
},
{
"key": "Strict-Transport-Security",
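Review bot: The added `https://posimai-ui.vercel.app` entry in `style-src` trusts every stylesheet that origin serves, and a `*.vercel.app` name stays bound to the project only while the deployment keeps it. The allowlist entry should therefore be paired with `integrity` plus `crossorigin` on the `<link>` that loads base.css, or base.css should be served from `'self'`. The same directive already carries `'unsafe-inline'` and `https://fonts.gstatic.com`, which normally serves font files and is already listed under `font-src`, so tightening those in the same edit would make `style-src` restrict something. The surrounding headers array starts and ends outside the hunk.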