diff options
author | George Claghorn <george.claghorn@gmail.com> | 2018-12-26 11:02:59 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-26 11:02:59 -0500 |
commit | 9b35b9ff417e8ec9888deac1e66c2855677164cd (patch) | |
tree | 82dc9a20a23b855f91f743c5029ec7a97a35b824 /actionmailbox/test/dummy/config/initializers/content_security_policy.rb | |
parent | b5ed468492387d42a44ca6af525d4a274cda756d (diff) | |
parent | a5b2fff64ca0c1fa7be5124f40a251d991c10a85 (diff) | |
download | rails-9b35b9ff417e8ec9888deac1e66c2855677164cd.tar.gz rails-9b35b9ff417e8ec9888deac1e66c2855677164cd.tar.bz2 rails-9b35b9ff417e8ec9888deac1e66c2855677164cd.zip |
Merge pull request #34786 from georgeclaghorn/actionmailbox
Import Action Mailbox
Diffstat (limited to 'actionmailbox/test/dummy/config/initializers/content_security_policy.rb')
-rw-r--r-- | actionmailbox/test/dummy/config/initializers/content_security_policy.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/actionmailbox/test/dummy/config/initializers/content_security_policy.rb b/actionmailbox/test/dummy/config/initializers/content_security_policy.rb new file mode 100644 index 0000000000..edde7f42b8 --- /dev/null +++ b/actionmailbox/test/dummy/config/initializers/content_security_policy.rb @@ -0,0 +1,22 @@ +# Be sure to restart your server when you modify this file. + +# Define an application-wide content security policy +# For further information see the following documentation +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy + +# Rails.application.config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https, :unsafe_inline + +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end + +# Report CSP violations to a specified URI +# For further information see the following documentation: +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only +# Rails.application.config.content_security_policy_report_only = true |