Add piwik to allowed URIs in connect-src
authorTom Hughes <tom@compton.nu>
Thu, 17 May 2018 10:29:06 +0000 (11:29 +0100)
committerTom Hughes <tom@compton.nu>
Thu, 17 May 2018 10:33:50 +0000 (11:33 +0100)
config/initializers/secure_headers.rb

index 696efc729d8c60badcfca79ddc1e5fc4a0932953..bb901e3759430cb365f8bcd44407776ec199cf06 100644 (file)
@@ -16,6 +16,7 @@ if defined?(CSP_REPORT_URL)
     :report_uri => [CSP_REPORT_URL]
   }
 
+  csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK)
   csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK)
   csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK)
 else