index
:
mastodon
this commit
cybrespace-3.3
main
monsterfork-1.0
monsterfork-2020-09-01
monsterfork-2020-11-29
Plural Café fork of Mastodon/Glitch Social
about
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
config
/
initializers
/
content_security_policy.rb
Age
Commit message (
Collapse
)
Author
2020-05-08
Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
ThibG
* Make sure wicg-inert doesn't rely on inline CSS * Remove unsafe-inline from style-src
2020-05-04
Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595)
ThibG
2020-03-27
Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
ThibG
Fixes #13321
2019-08-19
Fix CSP needlessly allowing blob URLs in script-src (#11620)
ThibG
2019-08-16
Fix media host not being included in connect-src for OCR (#11577)
Eugen Rochko
2019-08-15
Add OCR tool to media editing modal (#11566)
Eugen Rochko
2018-10-12
Add manifest_src to CSP, add blob to connect_src (#8967)
ThibG
2018-10-12
Fix CSP headers blocking media and development environment (#8962)
Eugen Rochko
Regression from #8957
2018-10-11
Set Content-Security-Policy rules through RoR's config (#8957)
ThibG
* Set CSP rules in RoR's configuration * Override CSP setting in the embed controller to allow frames
2018-04-12
Upgrade Rails to version 5.2.0 (#5898)
Yamagishi Kazutoshi