Commit graph

9 commits

Author SHA1 Message Date
Claire
b091e531a5 Merge commit '49b3d5692e6f217e6506674ad8a623a4ba8d0c5f' into glitch-soc/backports-4.3 2024-10-15 17:42:22 +02:00
kenkiku1021
304e440f88 add SWIFT object storage uri to CSP media hosts (#32439)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-10-15 17:37:14 +02:00
Claire
83b553c7d1 Merge commit '0226bbe5165a53658b29e46ddbef6a10507fdc8c' into glitch-soc/merge-upstream 2024-09-12 21:32:39 +02:00
Claire
a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 2024-09-12 13:24:19 +00:00
Claire
0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire
5f4643b895
Add PAPERCLIP_ROOT_URL to Content-Security-Policy when used (#28561) 2024-01-05 10:45:36 +00:00
Claire
19e14654cc
Reduce CSP configuration changes with upstream (#2536) 2023-12-27 09:54:05 +01:00
Claire
85662a5a57
Change img-src and media-src CSP directives to not include https: (#28025) 2023-11-30 13:47:01 +00:00
Matt Jankowski
eae5c7334a
Extract class from CSP configuration/initialization (#26905) 2023-10-27 16:20:40 +00:00