raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-27 01:43:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update CSP; re-enable Angular templates

Browse Source 
We really need to remove all those Angular templates as soon as possible, and then revert this commit...
This commit is contained in:
Matt-Yorkley
2021-12-25 11:56:23 +00:00
parent e8f3fe8510
commit 6af5f46d30
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/initializers/content_security_policy.rb
View File

@@ -10,7 +10,7 @@ Rails.application.config.content_security_policy do |policy|
policy.img_src :self, :https, :data, '*.s3.amazonaws.com'
policy.object_src :none
policy.frame_ancestors :none
policy.script_src :self, :https, :unsafe_inline, "*.stripe.com", "openfoodnetwork.innocraft.cloud"
policy.script_src :self, :https, :unsafe_inline, :unsafe_eval, "*.stripe.com", "openfoodnetwork.innocraft.cloud"
policy.style_src :self, :https, :unsafe_inline
policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?