author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-29 21:08:47 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-29 21:08:47 +0300 |
commit | 6b9d3a4e8351e662c4586b24bb152de78ae9e3bf (patch) | |
tree | 883e9db60c047c54418fc1d2b1c5517f97e0f185 /config/initializers/content_security_policy.rb | |
parent | 23288f62da73fb0e30d8e7ce306665e8fda1b932 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'config/initializers/content_security_policy.rb')
-rw-r--r-- | config/initializers/content_security_policy.rb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 608d0401a96..c19fb65017f 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -12,4 +12,5 @@ if csp_settings['enabled']
 Rails.application.config.content_security_policy_report_only = csp_settings['report_only']
 Rails.application.config.content_security_policy_nonce_generator = ->(request) { SecureRandom.base64(16) }
+ Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
 end |
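Review bot: The added `content_security_policy_nonce_directives = %w(script-src)` line has no comment saying why the nonce is limited to script-src, and that is a security-relevant choice a later editor could undo by accident. As far as I know, Rails otherwise appends the generated nonce to style-src as well, and browsers ignore `'unsafe-inline'` in a directive that carries a nonce, so presumably this keeps inline styles working; that reasoning is inferred, not visible in the hunk. I would add above the line `# Apply the per-request nonce to script-src only; style-src gets none, so a configured 'unsafe-inline' for styles still takes effect.` The enclosing `if csp_settings['enabled']` block starts outside the hunk.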