Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Giehl <stefan@matomo.org>2022-08-18 02:50:58 +0300
committerGitHub <noreply@github.com>2022-08-18 02:50:58 +0300
commit5039b8effa058ef6b65c966d5d2b7cad76c3a523 (patch)
tree6cff0a00df001a36d09a2450a33fd0c5df256c3f
parent6a97934c0bf01e1bc2d25b799cb9847c08410229 (diff)
Fix CSP header when viewing plugin details (#19632)
Diffstat
-rw-r--r--plugins/CorePluginsAdmin/Controller.php3
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/CorePluginsAdmin/Controller.php b/plugins/CorePluginsAdmin/Controller.php
index 4104e68376..33f0698247 100644
--- a/plugins/CorePluginsAdmin/Controller.php
+++ b/plugins/CorePluginsAdmin/Controller.php
@@ -205,6 +205,9 @@ class Controller extends Plugin\ControllerAdmin
$view = $this->configureView('@CorePluginsAdmin/' . $template);
+ $this->securityPolicy->addPolicy('img-src', '*.matomo.org');
+ $this->securityPolicy->addPolicy('default-src', '*.matomo.org');
+
$view->updateNonce = Nonce::getNonce(MarketplaceController::UPDATE_NONCE);
$view->activateNonce = Nonce::getNonce(static::ACTIVATE_NONCE);
$view->uninstallNonce = Nonce::getNonce(static::UNINSTALL_NONCE);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 04:17:12 +0300