From e0515faf9b600c1821408a6b1180d0357d7029b1 Mon Sep 17 00:00:00 2001
From: Kristjan ESPERANTO <35647502+KristjanESPERANTO@users.noreply.github.com>
Date: Sat, 6 Jun 2026 10:58:01 +0200
Subject: [PATCH] chore: add missing core defaults

Add defaults for config options that are already supported in core, so behavior
is easier to understand and config stays consistent.
This does not change runtime behavior.
Includes electronSwitches, HTTPS-related keys, security-header toggles, and
watchTargets.

Refs #4159
---
 js/defaults.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/js/defaults.js b/js/defaults.js
index 81b5264e61..4d923cd65f 100644
--- a/js/defaults.js
+++ b/js/defaults.js
@@ -9,10 +9,18 @@ const defaults = {
 	address: address,
 	port: port,
 	basePath: "/",
+	useHttps: false, // Support HTTPS or not, default "false" will use HTTP
+	httpsPrivateKey: "", // HTTPS private key path, only required when useHttps is true
+	httpsCertificate: "", // HTTPS Certificate path, only required when useHttps is true
+	tls: null, // Legacy compatibility option for Electron URL selection (prefer useHttps)
 	electronOptions: {},
+	electronSwitches: [],
+	ignoreXOriginHeader: false, // Remove X-Frame-Options response header in Electron
+	ignoreContentSecurityPolicy: false, // Remove Content-Security-Policy response header in Electron
 	ipWhitelist: ["127.0.0.1", "::ffff:127.0.0.1", "::1"],
 	cors: "disabled", // or "allowAll" or "allowWhitelist"
 	corsDomainWhitelist: [], // example: ["api.mapbox.com"]
+	watchTargets: [],
 
 	language: "en",
 	logLevel: ["INFO", "LOG", "WARN", "ERROR"],