Claire
b091e531a5
Merge commit '49b3d5692e6f217e6506674ad8a623a4ba8d0c5f' into glitch-soc/backports-4.3
2024-10-15 17:42:22 +02:00
kenkiku1021
304e440f88
add SWIFT object storage uri to CSP media hosts ( #32439 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-10-15 17:37:14 +02:00
Claire
83b553c7d1
Merge commit '0226bbe5165a53658b29e46ddbef6a10507fdc8c' into glitch-soc/merge-upstream
2024-09-12 21:32:39 +02:00
Claire
a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive ( #26897 )
2024-09-12 13:24:19 +00:00
Claire
0b2c7cdb02
Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
...
Conflicts:
- `app/lib/content_security_policy.rb`:
Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
environment variable.
Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire
5f4643b895
Add PAPERCLIP_ROOT_URL
to Content-Security-Policy when used ( #28561 )
2024-01-05 10:45:36 +00:00
Claire
19e14654cc
Reduce CSP configuration changes with upstream ( #2536 )
2023-12-27 09:54:05 +01:00
Claire
85662a5a57
Change img-src
and media-src
CSP directives to not include https:
( #28025 )
2023-11-30 13:47:01 +00:00
Matt Jankowski
eae5c7334a
Extract class from CSP configuration/initialization ( #26905 )
2023-10-27 16:20:40 +00:00