aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal.rb
diff options
context:
space:
mode:
authorAndrew White <andrew.white@unboxed.co>2018-10-22 17:10:01 +0100
committerAndrew White <andrew.white@unboxed.co>2018-10-22 17:10:01 +0100
commited91b75c937805cb52b3930f2549b7a179cdc421 (patch)
tree95c43d7fd2e2899fa6949b52b588cd6bce5a84ca /actionpack/lib/action_controller/metal.rb
parentdc6761592009e9146552fc9d6299bf58a34e187a (diff)
downloadrails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.gz
rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.bz2
rails-ed91b75c937805cb52b3930f2549b7a179cdc421.zip
Apply mapping to symbols returned from dynamic CSP sources
Previously if a dynamic source returned a symbol such as :self it would be converted to a string implicity, e.g: policy.default_src -> { :self } would generate the header: Content-Security-Policy: default-src self and now it generates: Content-Security-Policy: default-src 'self'
Diffstat (limited to 'actionpack/lib/action_controller/metal.rb')
0 files changed, 0 insertions, 0 deletions