path: root/config/initializers/content_security_policy.rb
Age | Commit message | Author
2020-07-07 | Fix hashtag column options styling (#14247) | ThibG
    * Enable nonces for stylesheets
    * Pass nonce to react-select
2020-05-08 | Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679) | ThibG
    * Make sure wicg-inert doesn't rely on inline CSS
    * Remove unsafe-inline from style-src
2020-05-04 | Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) | ThibG
2020-03-27 | Fix OCR not working on Safari because of unsupported worker-src CSP (#13323) | ThibG
    Fixes #13321
2019-08-19 | Fix CSP needlessly allowing blob URLs in script-src (#11620) | ThibG
2019-08-16 | Fix media host not being included in connect-src for OCR (#11577) | Eugen Rochko
2019-08-15 | Add OCR tool to media editing modal (#11566) | Eugen Rochko
2018-10-12 | Add manifest_src to CSP, add blob to connect_src (#8967) | ThibG
2018-10-12 | Fix CSP headers blocking media and development environment (#8962) | Eugen Rochko
    Regression from #8957
2018-10-11 | Set Content-Security-Policy rules through RoR's config (#8957) | ThibG
    * Set CSP rules in RoR's configuration
    * Override CSP setting in the embed controller to allow frames
2018-04-12 | Upgrade Rails to version 5.2.0 (#5898) | Yamagishi Kazutoshi