diff options
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/cache_logging.rb | 3 | ||||
-rw-r--r-- | config/initializers/content_security_policy.rb | 3 | ||||
-rw-r--r-- | config/initializers/doorkeeper.rb | 10 |
3 files changed, 15 insertions, 1 deletions
diff --git a/config/initializers/cache_logging.rb b/config/initializers/cache_logging.rb new file mode 100644 index 000000000..08aa80742 --- /dev/null +++ b/config/initializers/cache_logging.rb @@ -0,0 +1,3 @@ +# Log cache errors with Rail's logger +# This used to be the default in old Rails versions: https://github.com/rails/rails/commit/7fcf8590e788cef8b64cc266f75931c418902ca9#diff-f0748f0be8a653eea13369ebb1cadabcad71ede7cfaf20282447e64329817befL86 +Rails.cache.logger = Rails.logger diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 863db9d15..c6fff9889 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -31,7 +31,7 @@ if Rails.env.production? p.base_uri :none p.default_src :none p.frame_ancestors :none - p.script_src :self, assets_host + p.script_src :self, assets_host, "'wasm-unsafe-eval'" p.font_src :self, assets_host p.img_src :self, :data, :blob, *data_hosts, "pool.jortage.com", "blob.jortage.com", "s3-us-east-2.amazonaws.com" p.style_src :self, assets_host @@ -41,6 +41,7 @@ if Rails.env.production? p.worker_src :self, :blob, assets_host p.connect_src :self, :blob, :data, Rails.configuration.x.streaming_api_base_url, *data_hosts p.manifest_src :self, assets_host + p.form_action :self end end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 84b649f5c..43aac5769 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -98,9 +98,19 @@ Doorkeeper.configure do :'admin:read', :'admin:read:accounts', :'admin:read:reports', + :'admin:read:domain_allows', + :'admin:read:domain_blocks', + :'admin:read:ip_blocks', + :'admin:read:email_domain_blocks', + :'admin:read:canonical_email_blocks', :'admin:write', :'admin:write:accounts', :'admin:write:reports', + :'admin:write:domain_allows', + :'admin:write:domain_blocks', + :'admin:write:ip_blocks', + :'admin:write:email_domain_blocks', + :'admin:write:canonical_email_blocks', :crypto # Change the way client credentials are retrieved from the request object. |