DEV: Remove unsafe_eval from test/theme-test CSP (#28774)

not needed anymore
This commit is contained in:
Jarek Radosz 2024-09-06 13:28:33 +02:00 committed by GitHub
parent d8009fd0ec
commit 526a21730a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 9 deletions

View File

@ -21,7 +21,6 @@ class ContentSecurityPolicy
Extension.theme_extensions(theme_id).each { |extension| builder << extension } Extension.theme_extensions(theme_id).each { |extension| builder << extension }
Extension.plugin_extensions.each { |extension| builder << extension } Extension.plugin_extensions.each { |extension| builder << extension }
builder << Extension.site_setting_extension builder << Extension.site_setting_extension
builder << Extension.path_specific_extension(path_info)
builder.build builder.build
end end

View File

@ -7,14 +7,6 @@ class ContentSecurityPolicy
{ script_src: SiteSetting.content_security_policy_script_src.split("|") } { script_src: SiteSetting.content_security_policy_script_src.split("|") }
end end
def path_specific_extension(path_info)
{}.tap do |obj|
for_qunit_route = !Rails.env.production? && %w[/qunit /wizard/qunit].include?(path_info)
for_qunit_route ||= "/theme-qunit" == path_info
obj[:script_src] = :unsafe_eval if for_qunit_route
end
end
def plugin_extensions def plugin_extensions
[].tap do |extensions| [].tap do |extensions|
Discourse.plugins.each do |plugin| Discourse.plugins.each do |plugin|