| Age | Commit message (Expand) | Author |
|---|
| 2023-03-31 | Autofix Rubocop Style/IdenticalConditionalBranches (#24322) | Nick Schonning |
| 2022-11-17 | Add form-action CSP directive (#20781) | Claire |
| 2022-11-15 | Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` (#20729) | Eugen Rochko |
| 2022-11-15 | Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP (#20606) | prplecake |
| 2022-10-26 | Add "unsafe-eval" to script-src CSP (#18817) | prplecake |
| 2022-03-14 | Fix LetterOpennerWeb CSP (#17770) | Yamagishi Kazutoshi |
| 2021-04-09 | Fix autoloading deprecation warnings from Rails 6 (#16010) | Eugen Rochko |
| 2021-03-24 | Update Mastodon to Rails 6.1 (#15910) | Claire |
| 2020-07-07 | Fix hashtag column options styling (#14247) | ThibG |
| 2020-05-08 | Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679) | ThibG |
| 2020-05-04 | Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) | ThibG |
| 2020-03-27 | Fix OCR not working on Safari because of unsupported worker-src CSP (#13323) | ThibG |
| 2019-08-19 | Fix CSP needlessly allowing blob URLs in script-src (#11620) | ThibG |
| 2019-08-16 | Fix media host not being included in connect-src for OCR (#11577) | Eugen Rochko |
| 2019-08-15 | Add OCR tool to media editing modal (#11566) | Eugen Rochko |
| 2018-10-12 | Add manifest_src to CSP, add blob to connect_src (#8967) | ThibG |
| 2018-10-12 | Fix CSP headers blocking media and development environment (#8962) | Eugen Rochko |
| 2018-10-11 | Set Content-Security-Policy rules through RoR's config (#8957) | ThibG |
| 2018-04-12 | Upgrade Rails to version 5.2.0 (#5898) | Yamagishi Kazutoshi |
