mirror of
https://github.com/mastodon/mastodon.git
synced 2024-05-28 23:08:10 +00:00
CSP header spec hard coded?
This commit is contained in:
parent
dfc1e5ad10
commit
b4c419e7d5
|
@ -23,7 +23,7 @@ describe 'Content-Security-Policy' do
|
|||
<<~CSP.split("\n").map(&:strip)
|
||||
base-uri 'none'
|
||||
child-src 'self' blob: https://cb6e6126.ngrok.io
|
||||
connect-src 'self' data: blob: https://cb6e6126.ngrok.io ws://cb6e6126.ngrok.io:4000
|
||||
connect-src 'self' data: blob: https://cb6e6126.ngrok.io #{Rails.configuration.x.streaming_api_base_url}
|
||||
default-src 'none'
|
||||
font-src 'self' https://cb6e6126.ngrok.io
|
||||
form-action 'self'
|
||||
|
|
Loading…
Reference in a new issue