Add piwik to allowed URIs in connect-src
[rails.git] / config / initializers / secure_headers.rb
index 696efc729d8c60badcfca79ddc1e5fc4a0932953..bb901e3759430cb365f8bcd44407776ec199cf06 100644 (file)
@@ -16,6 +16,7 @@ if defined?(CSP_REPORT_URL)
     :report_uri => [CSP_REPORT_URL]
   }
 
     :report_uri => [CSP_REPORT_URL]
   }
 
+  csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK)
   csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
   csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
 else
   csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
   csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
 else