Claire
83b553c7d1
Merge commit '0226bbe5165a53658b29e46ddbef6a10507fdc8c' into glitch-soc/merge-upstream
2024-09-12 21:32:39 +02:00
Claire
a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive ( #26897 )
2024-09-12 13:24:19 +00:00
Claire
0b2c7cdb02
Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
...
Conflicts:
- `app/lib/content_security_policy.rb`:
Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
environment variable.
Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire
5f4643b895
Add `PAPERCLIP_ROOT_URL` to Content-Security-Policy when used ( #28561 )
2024-01-05 10:45:36 +00:00
Claire
19e14654cc
Reduce CSP configuration changes with upstream ( #2536 )
2023-12-27 09:54:05 +01:00
Claire
85662a5a57
Change `img-src` and `media-src` CSP directives to not include `https:` ( #28025 )
2023-11-30 13:47:01 +00:00
Matt Jankowski
eae5c7334a
Extract class from CSP configuration/initialization ( #26905 )
2023-10-27 16:20:40 +00:00