]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/site_controller.rb
projects / rails.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use CanCanCan to control access to oauth controller actions
[rails.git] / app / controllers / site_controller.rb
diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 4b960e4e2b9682fd6e49036a25fff89093988bf0..5833a1e045b01cd55ab69a8e746d040bd090ae72 100644 (file)
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -70,6 +70,7 @@ class SiteController < ApplicationController
 
     if %w[potlatch potlatch2].include?(editor)
       append_content_security_policy_directives(
+        :connect_src => %w[*],
         :object_src => %w[*],
         :plugin_types => %w[application/x-shockwave-flash],
         :script_src => %w['unsafe-inline']
The OpenStreetMap web site