Merge pull request #2480 from ClearlyClaire/glitch-soc/fixes/csp
Fix image and media loading when using external storage servermain
commit
a21fe8687e
|
@ -48,9 +48,9 @@ Rails.application.config.content_security_policy do |p|
|
||||||
p.default_src :none
|
p.default_src :none
|
||||||
p.frame_ancestors :none
|
p.frame_ancestors :none
|
||||||
p.font_src :self, assets_host
|
p.font_src :self, assets_host
|
||||||
p.img_src :self, :data, :blob, assets_host
|
p.img_src :self, :data, :blob, assets_host, media_host
|
||||||
p.style_src :self, assets_host
|
p.style_src :self, assets_host
|
||||||
p.media_src :self, :data, assets_host
|
p.media_src :self, :data, assets_host, media_host
|
||||||
p.frame_src :self, :https
|
p.frame_src :self, :https
|
||||||
p.manifest_src :self, assets_host
|
p.manifest_src :self, assets_host
|
||||||
|
|
||||||
|
|
|
@ -12,9 +12,9 @@ describe 'Content-Security-Policy' do
|
||||||
"default-src 'none'",
|
"default-src 'none'",
|
||||||
"frame-ancestors 'none'",
|
"frame-ancestors 'none'",
|
||||||
"font-src 'self' https://cb6e6126.ngrok.io",
|
"font-src 'self' https://cb6e6126.ngrok.io",
|
||||||
"img-src 'self' data: blob: https://cb6e6126.ngrok.io",
|
"img-src 'self' data: blob: https://cb6e6126.ngrok.io https://cb6e6126.ngrok.io",
|
||||||
"style-src 'self' https://cb6e6126.ngrok.io 'nonce-ZbA+JmE7+bK8F5qvADZHuQ=='",
|
"style-src 'self' https://cb6e6126.ngrok.io 'nonce-ZbA+JmE7+bK8F5qvADZHuQ=='",
|
||||||
"media-src 'self' data: https://cb6e6126.ngrok.io",
|
"media-src 'self' data: https://cb6e6126.ngrok.io https://cb6e6126.ngrok.io",
|
||||||
"frame-src 'self' https:",
|
"frame-src 'self' https:",
|
||||||
"manifest-src 'self' https://cb6e6126.ngrok.io",
|
"manifest-src 'self' https://cb6e6126.ngrok.io",
|
||||||
"form-action 'self'",
|
"form-action 'self'",
|
||||||
|
|
Loading…
Reference in New Issue