Rails/LexicallyScopedActionFilter:
Exclude:
- 'app/controllers/oauth2_applications_controller.rb'
+ - 'app/controllers/oauth2_authorizations_controller.rb'
# Offense count: 5
# Configuration parameters: Include.
prepend_before_action :authorize_web
before_action :set_locale
+ before_action :allow_all_form_action, :only => [:new, :create]
authorize_resource :class => false
- def new
- override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
+ private
- super
+ def allow_all_form_action
+ override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
end
end
projects / rails.git / commitdiff