github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-19 07:02:46 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
488fba3c5f
discourse/spec
History
Kyle Zhao 488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704) 
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
..
components FEATURE: allow plugins and themes to extend the default CSP (#6704) 2018-11-30 09:51:45 -05:00
fabricators Add missing fields to Upload Fabricator (#6448) 2018-10-04 22:00:07 +08:00
fixtures FEATURE: allow plugins and themes to extend the default CSP (#6704) 2018-11-30 09:51:45 -05:00
helpers extract inline JS that's used to store preloaded data (#6370) 2018-09-17 16:31:46 +08:00
import_export FIX: topic and category exporters were only exporting users who created the first post 2018-01-16 12:51:53 -05:00
integration FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
integrity FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
jobs FIX: Jobs::CleanUpUploads fails when value of upload data_type is an empty string. 2018-11-30 10:46:39 +08:00
lib FEATURE: allow plugins and themes to extend the default CSP (#6704) 2018-11-30 09:51:45 -05:00
mailers FIX: Notifications shouldn't use user locale unless allow_user_locale is enabled 2018-09-05 11:44:28 +02:00
models REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator 2018-11-30 11:18:11 +00:00
multisite FEATURE: Multisite support for S3 image stores (#6689) 2018-11-29 12:11:48 +08:00
requests DEV: correct heisentest 2018-11-30 15:03:41 +11:00
serializers UX: category images have no sizes (#6662) 2018-11-27 08:40:06 +08:00
services REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator 2018-11-30 11:18:11 +00:00
support FEATURE: [Experimental] Content Security Policy (#6514) 2018-10-22 13:22:23 -04:00
tasks suppress print output when running specs 2017-10-31 16:06:11 +05:30
views/omniauth_callbacks FEATURE: Use translated name for 'your email has been authenticated by' (#6649) 2018-11-22 19:12:04 +00:00
rails_helper.rb REFACTOR: use tables instead of custom fields for polls (#6359) 2018-11-19 14:50:00 +01:00