github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-23 01:47:22 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
f62215046f
discourse/lib/content_security_policy
History
Gerhard Schlager f62215046f FEATURE: Completely remove unsafe-eval from CSP 
Plugins can add it via API if they need to use `eval`:
```
extend_content_security_policy(script_src: [:unsafe_eval])
```

See https://meta.discourse.org/t/104243
2019-12-13 12:38:32 +01:00
..
builder.rb FEATURE: allow extending CSP base-uri and object-src 2019-01-09 15:34:14 -05:00
default.rb FEATURE: Completely remove unsafe-eval from CSP 2019-12-13 12:38:32 +01:00
extension.rb FEATURE: Calculate CSP based on active themes (#6976) 2019-02-11 12:32:04 +00:00
middleware.rb FEATURE: Calculate CSP based on active themes (#6976) 2019-02-11 12:32:04 +00:00