diff options
author | Andrew White <andrew.white@unboxed.co> | 2018-10-22 17:10:01 +0100 |
---|---|---|
committer | Andrew White <andrew.white@unboxed.co> | 2018-10-22 17:10:01 +0100 |
commit | ed91b75c937805cb52b3930f2549b7a179cdc421 (patch) | |
tree | 95c43d7fd2e2899fa6949b52b588cd6bce5a84ca /actionpack/lib/action_controller/metal.rb | |
parent | dc6761592009e9146552fc9d6299bf58a34e187a (diff) | |
download | rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.gz rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.bz2 rails-ed91b75c937805cb52b3930f2549b7a179cdc421.zip |
Apply mapping to symbols returned from dynamic CSP sources
Previously if a dynamic source returned a symbol such as :self it
would be converted to a string implicity, e.g:
policy.default_src -> { :self }
would generate the header:
Content-Security-Policy: default-src self
and now it generates:
Content-Security-Policy: default-src 'self'
Diffstat (limited to 'actionpack/lib/action_controller/metal.rb')
0 files changed, 0 insertions, 0 deletions