Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Maintenance: Remove obsolete CSP header unsafe_inline configuration exception.

Browse source
This commit is contained in:
Martin Gruner 2021-09-02 16:35:29 +02:00 committed by Thorsten Eckel
parent ce4ca035d6
commit 0faf0a0759
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/initializers/content_security_policy.rb
View file

@ -37,7 +37,7 @@ Rails.application.config.content_security_policy do |policy|
policy.font_src :self, :data
policy.img_src '*', :data
policy.object_src :none
policy.script_src :self, :unsafe_eval, :unsafe_inline, :strict_dynamic
policy.script_src :self, :unsafe_eval, :strict_dynamic
policy.style_src :self, :unsafe_inline
policy.frame_src 'www.youtube.com', 'player.vimeo.com'
end