projects
/
rails.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
fdd4361
)
Remove unsafe-inline form default style policy
author
Tom Hughes
<tom@compton.nu>
Wed, 16 May 2018 19:40:55 +0000
(20:40 +0100)
committer
Tom Hughes
<tom@compton.nu>
Wed, 16 May 2018 19:40:55 +0000
(20:40 +0100)
config/initializers/secure_headers.rb
patch
|
blob
|
history
diff --git
a/config/initializers/secure_headers.rb
b/config/initializers/secure_headers.rb
index 9af170623198f763f55e2e8fb2593bd49904ad25..696efc729d8c60badcfca79ddc1e5fc4a0932953 100644
(file)
--- a/
config/initializers/secure_headers.rb
+++ b/
config/initializers/secure_headers.rb
@@
-12,7
+12,7
@@
if defined?(CSP_REPORT_URL)
:object_src => %w['self'],
:plugin_types => %w[],
:script_src => %w['self'],
- :style_src => %w['self'
'unsafe-inline'
],
+ :style_src => %w['self'],
:report_uri => [CSP_REPORT_URL]
}