about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEugen <eugen@zeonfederated.com>2017-04-15 22:48:30 +0200
committerGitHub <noreply@github.com>2017-04-15 22:48:30 +0200
commit0d83569899155e5d5c17fff0c69e533df2f34d42 (patch)
tree31f23d8ea68732a6e3f43755b2237a429586f532
parent515434ed87dea56b853d41b2af2ee1fd7773ccea (diff)
Fix cross-origin integrity (#1871)
See <https://glitch.social/users/bea/updates/434>
-rw-r--r--app/views/home/index.html.haml2
-rw-r--r--app/views/layouts/admin.html.haml2
-rw-r--r--app/views/layouts/auth.html.haml2
-rw-r--r--app/views/layouts/embedded.html.haml2
-rw-r--r--app/views/layouts/public.html.haml2
5 files changed, 5 insertions, 5 deletions
diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml
index 5b6f5b855..df4223ed2 100644
--- a/app/views/home/index.html.haml
+++ b/app/views/home/index.html.haml
@@ -1,6 +1,6 @@
 - content_for :header_tags do
   %script#initial-state{:type => 'application/json'}!= json_escape(render(file: 'home/initial_state', formats: :json))
 
-  = javascript_include_tag 'application', integrity: true
+  = javascript_include_tag 'application', integrity: true, crossorigin: 'anonymous'
 
 = react_component 'Mastodon', default_props, class: 'app-holder', prerender: false
diff --git a/app/views/layouts/admin.html.haml b/app/views/layouts/admin.html.haml
index fa364750f..892bcd596 100644
--- a/app/views/layouts/admin.html.haml
+++ b/app/views/layouts/admin.html.haml
@@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
 
 - content_for :content do
   .admin-wrapper
diff --git a/app/views/layouts/auth.html.haml b/app/views/layouts/auth.html.haml
index bf4113baf..899690419 100644
--- a/app/views/layouts/auth.html.haml
+++ b/app/views/layouts/auth.html.haml
@@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
 
 - content_for :content do
   .container
diff --git a/app/views/layouts/embedded.html.haml b/app/views/layouts/embedded.html.haml
index c34247c91..562be6625 100644
--- a/app/views/layouts/embedded.html.haml
+++ b/app/views/layouts/embedded.html.haml
@@ -3,6 +3,6 @@
   %head
     %meta{:charset => 'utf-8'}/
     = stylesheet_link_tag 'application', media: 'all'
-    = javascript_include_tag 'application_public', integrity: true
+    = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
   %body.embed
     = yield
diff --git a/app/views/layouts/public.html.haml b/app/views/layouts/public.html.haml
index 56781a286..fdde0a681 100644
--- a/app/views/layouts/public.html.haml
+++ b/app/views/layouts/public.html.haml
@@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
 
 - content_for :content do
   .container= yield