rmorawski/standardnotes-app-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove non-standard 'wasm-eval' script CSP source

Browse Source
This commit is contained in:
Baptiste Grob
2020-11-12 11:42:38 +01:00
parent 50a5cc4851
commit 861e9c180d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/application.rb
View File

@@ -53,7 +53,7 @@ module Web
media_src: %w('self'), media_src: %w('self'),
object_src: %w('self'), object_src: %w('self'),
plugin_types: %w(), plugin_types: %w(),
script_src: %w('self' 'unsafe-inline' 'wasm-eval' 'unsafe-eval'), script_src: %w('self' 'unsafe-inline' 'unsafe-eval'),
style_src: %w(* 'unsafe-inline'), style_src: %w(* 'unsafe-inline'),
upgrade_insecure_requests: false, # see https://www.w3.org/TR/upgrade-insecure-requests/ upgrade_insecure_requests: false, # see https://www.w3.org/TR/upgrade-insecure-requests/
} }