Commit Graph

7 Commits (b40adb4a896d6d9613fba85dbb07b87813c6bbce)

Author SHA1 Message Date
Claire 83b553c7d1 Merge commit '0226bbe5165a53658b29e46ddbef6a10507fdc8c' into glitch-soc/merge-upstream 2024-09-12 21:32:39 +02:00
Claire a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 2024-09-12 13:24:19 +00:00
Claire 0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire 5f4643b895
Add `PAPERCLIP_ROOT_URL` to Content-Security-Policy when used (#28561) 2024-01-05 10:45:36 +00:00
Claire 19e14654cc
Reduce CSP configuration changes with upstream (#2536) 2023-12-27 09:54:05 +01:00
Claire 85662a5a57
Change `img-src` and `media-src` CSP directives to not include `https:` (#28025) 2023-11-30 13:47:01 +00:00
Matt Jankowski eae5c7334a
Extract class from CSP configuration/initialization (#26905) 2023-10-27 16:20:40 +00:00