15 Commits (02189098c0be1a28e63611860c27d9f8e595c063)

Author SHA1 Message Date
Thibaut Girka 06bcab6e99 Fix CSP when PAPERCLIP_ROOT_URL is set to a different host
6 years ago
Thibaut Girka 5d24d50987 Fix CSP when dealing with S3 hosts
6 years ago
Rey Tucker 56890834ab Remove form_action from CSP
6 years ago
Thibaut Girka b7ef203fd6 Tighten CSP a bit
6 years ago
Thibaut Girka 46259a36d0 Merge branch 'master' into glitch-soc/merge-upstream
6 years ago
ThibG f8e9555e73 Add manifest_src to CSP, add blob to connect_src (#8967)
6 years ago
Eugen Rochko 0dbb3a8786 Fix CSP headers blocking media and development environment (#8962)
6 years ago
ThibG 51c53e709f Set Content-Security-Policy rules through RoR's config (#8957)
6 years ago
Rey Tucker 121747b190 Add manifest_src to CSP
6 years ago
Thibaut Girka 0a841048fa Fix CSP with S3/SWIFT hosts
6 years ago
Thibaut Girka 2f78bd1b42 Adjust CSP to fix image resizing
6 years ago
Thibaut Girka 36a96b33d9 Only apply CSP in production mode
6 years ago
Thibaut Girka 91c50b0d4b Tighten CSP while allowing CDN hosts
6 years ago
Thibaut Girka 563a09d81a Move CSP headers to the appropriate Rails configuration
6 years ago
Yamagishi Kazutoshi 9761b940ac Upgrade Rails to version 5.2.0 (#5898)
7 years ago