Merge pull request #2480 from ClearlyClaire/glitch-soc/fixes/csp
Fix image and media loading when using external storage servermain
commit
a21fe8687e
|
@ -48,9 +48,9 @@ Rails.application.config.content_security_policy do |p|
|
|||
p.default_src :none
|
||||
p.frame_ancestors :none
|
||||
p.font_src :self, assets_host
|
||||
p.img_src :self, :data, :blob, assets_host
|
||||
p.img_src :self, :data, :blob, assets_host, media_host
|
||||
p.style_src :self, assets_host
|
||||
p.media_src :self, :data, assets_host
|
||||
p.media_src :self, :data, assets_host, media_host
|
||||
p.frame_src :self, :https
|
||||
p.manifest_src :self, assets_host
|
||||
|
||||
|
|
|
@ -12,9 +12,9 @@ describe 'Content-Security-Policy' do
|
|||
"default-src 'none'",
|
||||
"frame-ancestors 'none'",
|
||||
"font-src 'self' https://cb6e6126.ngrok.io",
|
||||
"img-src 'self' data: blob: https://cb6e6126.ngrok.io",
|
||||
"img-src 'self' data: blob: https://cb6e6126.ngrok.io https://cb6e6126.ngrok.io",
|
||||
"style-src 'self' https://cb6e6126.ngrok.io 'nonce-ZbA+JmE7+bK8F5qvADZHuQ=='",
|
||||
"media-src 'self' data: https://cb6e6126.ngrok.io",
|
||||
"media-src 'self' data: https://cb6e6126.ngrok.io https://cb6e6126.ngrok.io",
|
||||
"frame-src 'self' https:",
|
||||
"manifest-src 'self' https://cb6e6126.ngrok.io",
|
||||
"form-action 'self'",
|
||||
|
|
Loading…
Reference in New Issue