| Age | Commit message (Expand) | Author |
|---|
| 2022-11-16 | Add form-action CSP directive (#1948) | Claire |
| 2022-11-16 | Merge branch 'main' into glitch-soc/merge-upstream | Claire |
| 2022-11-15 | Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` (#20729) | Eugen Rochko |
| 2022-11-15 | Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP (#20606) | prplecake |
| 2022-10-26 | Add "unsafe-eval" to script-src CSP (#18817) | prplecake |
| 2022-03-15 | Merge branch 'main' into glitch-soc/merge-upstream | Claire |
| 2022-03-14 | Fix LetterOpennerWeb CSP (#17770) | Yamagishi Kazutoshi |
| 2021-04-20 | Merge branch 'main' into glitch-soc/merge-upstream | Claire |
| 2021-04-09 | Fix autoloading deprecation warnings from Rails 6 (#16010) | Eugen Rochko |
| 2021-03-24 | Merge branch 'main' into glitch-soc/merge-upstream | Claire |
| 2021-03-24 | Update Mastodon to Rails 6.1 (#15910) | Claire |
| 2020-07-07 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka |
| 2020-07-07 | Fix hashtag column options styling (#14247) | ThibG |
| 2020-05-10 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka |
| 2020-05-08 | Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679) | ThibG |
| 2020-05-04 | Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) | ThibG |
| 2020-04-02 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka |
| 2020-03-27 | Fix OCR not working on Safari because of unsupported worker-src CSP (#13323) | ThibG |
| 2020-02-06 | Add environment variable to specify extra data hosts | Thibaut Girka |
| 2019-08-19 | Fix connect-src policy for Tesseract | Thibaut Girka |
| 2019-08-19 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka |
| 2019-08-19 | Fix CSP needlessly allowing blob URLs in script-src (#11620) | ThibG |
| 2019-08-16 | Fix media host not being included in connect-src for OCR (#11577) | Eugen Rochko |
| 2019-08-15 | Add OCR tool to media editing modal (#11566) | Eugen Rochko |
| 2019-05-04 | Fix CSP when PAPERCLIP_ROOT_URL is set to a different host | Thibaut Girka |
| 2019-05-04 | Fix CSP when dealing with S3 hosts | Thibaut Girka |
| 2018-12-14 | Remove form_action from CSP | Rey Tucker |
| 2018-11-12 | Tighten CSP a bit | Thibaut Girka |
| 2018-10-22 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka |
| 2018-10-12 | Add manifest_src to CSP, add blob to connect_src (#8967) | ThibG |
| 2018-10-12 | Fix CSP headers blocking media and development environment (#8962) | Eugen Rochko |
| 2018-10-11 | Set Content-Security-Policy rules through RoR's config (#8957) | ThibG |
| 2018-09-03 | Add manifest_src to CSP | Rey Tucker |
| 2018-08-28 | Fix CSP with S3/SWIFT hosts | Thibaut Girka |
| 2018-08-28 | Adjust CSP to fix image resizing | Thibaut Girka |
| 2018-08-23 | Only apply CSP in production mode | Thibaut Girka |
| 2018-08-23 | Tighten CSP while allowing CDN hosts | Thibaut Girka |
| 2018-08-22 | Move CSP headers to the appropriate Rails configuration | Thibaut Girka |
| 2018-04-12 | Upgrade Rails to version 5.2.0 (#5898) | Yamagishi Kazutoshi |
