Diffstat (limited to 'app/controllers/auth')
-rw-r--r--app/controllers/auth/registrations_controller.rb2
-rw-r--r--app/controllers/auth/sessions_controller.rb4
2 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index edef0d5bb..d363efeee 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -159,6 +159,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
   end
 
   def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
+    response.headers['Cache-Control'] = 'private, no-store'
   end
 end
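Review bot: `set_cache_headers` has no comment saying why these responses must stay out of caches, and the new value now rests on `no-store` alone, since `no-cache`, `max-age=0` and `must-revalidate` are gone. That is enough for any cache that honours `no-store`, but the intent should be written down so the directive is not weakened later, for example `# no-store: registration responses may carry account data and must not be kept by browser or shared caches` (the "account data" part is my assumption, adjust it to what the views actually render). A request spec asserting the exact `Cache-Control` value on these actions would pin the behaviour. If the same literal is set in controllers outside this path, which the limited diffstat does not show, a shared constant would keep them from drifting apart.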
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb
index 13dfebcdd..16c18baa2 100644
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -15,6 +15,10 @@ class Auth::SessionsController < Devise::SessionsController
   before_action :set_instance_presenter, only: [:new]
   before_action :set_body_classes
 
+  content_security_policy only: :new do |p|
+    p.form_action(false)
+  end
+
   def check_suspicious!
     user = find_user
     @login_is_suspicious = suspicious_sign_in?(user) unless user.nil?
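Review bot: `p.form_action(false)` removes the `form-action` directive from the policy served with `new`, and the hunk gives no reason for relaxing CSP on the page that holds the credential form. `form-action` has no `default-src` fallback, so once it is removed nothing in the policy limits where a form on that page may submit, and that limit is what would contain injected markup that retargets the form. If the motive is browsers applying `form-action` to the redirect that follows sign-in (an assumption, the hunk does not say), record it in a comment above the block, such as `# form-action is dropped on the sign-in page because <reason>; all other directives stay in force`. Also check whether any other action in this controller renders a form that needs the same treatment, since `only: :new` covers just the one. Naming the block parameter `policy` instead of `p` would avoid shadowing `Kernel#p`. The class body continues outside the hunk.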