Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/config/initializers/content_security_policy.rb
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-01-29 21:08:47 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2020-01-29 21:08:47 +0300
commit6b9d3a4e8351e662c4586b24bb152de78ae9e3bf (patch)
tree883e9db60c047c54418fc1d2b1c5517f97e0f185 /config/initializers/content_security_policy.rb
parent23288f62da73fb0e30d8e7ce306665e8fda1b932 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'config/initializers/content_security_policy.rb')
-rw-r--r--config/initializers/content_security_policy.rb1
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 608d0401a96..c19fb65017f 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -12,4 +12,5 @@ if csp_settings['enabled']
Rails.application.config.content_security_policy_report_only = csp_settings['report_only']
Rails.application.config.content_security_policy_nonce_generator = ->(request) { SecureRandom.base64(16) }
+ Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 20:57:21 +0300