From 9b1f2a4b61660f9a8be62f6296d97a856e376059 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Fri, 6 Nov 2020 11:56:31 +0100
Subject: Add subresource integrity for JS and CSS assets (#15096)

Fix #2744
---
 app/views/layouts/embedded.html.haml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'app/views/layouts/embedded.html.haml')

diff --git a/app/views/layouts/embedded.html.haml b/app/views/layouts/embedded.html.haml
index 37051e70c..e4311d342 100644
--- a/app/views/layouts/embedded.html.haml
+++ b/app/views/layouts/embedded.html.haml
@@ -11,8 +11,8 @@
     - if storage_host?
       %link{ rel: 'dns-prefetch', href: storage_host }/
 
-    = stylesheet_pack_tag 'common', media: 'all'
-    = stylesheet_pack_tag Setting.default_settings['theme'], media: 'all'
+    = stylesheet_pack_tag 'common', media: 'all', crossorigin: 'anonymous'
+    = stylesheet_pack_tag Setting.default_settings['theme'], media: 'all', crossorigin: 'anonymous'
     = javascript_pack_tag 'common', integrity: true, crossorigin: 'anonymous'
     = javascript_pack_tag "locale_#{I18n.locale}", integrity: true, crossorigin: 'anonymous'
     = render_initial_state
-- 
cgit