gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)

Browse source 
* Make sure wicg-inert doesn't rely on inline CSS

* Remove unsafe-inline from style-src
This commit is contained in:
ThibG 2020-05-08 21:22:57 +02:00 committed by GitHub
parent 0d62e09707
commit e1629a7758
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/views/layouts/application.html.haml
View file

@ -26,6 +26,8 @@
= javascript_pack_tag "locale_#{I18n.locale}", integrity: true, crossorigin: 'anonymous'
= csrf_meta_tags
= stylesheet_link_tag '/inert.css', skip_pipeline: true, media: 'all', id: 'inert-style'
- if Setting.custom_css.present?
= stylesheet_link_tag custom_css_path, media: 'all'