diff options
author | Yuji Yaginuma <yuuji.yaginuma@gmail.com> | 2018-09-20 08:31:08 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-20 08:31:08 +0900 |
commit | 12c2dab41b86331c155c72a9c003826ea487a079 (patch) | |
tree | 4e0870888e291a81e3e2ef244a3eb213ff393351 /actionpack/lib/action_dispatch/http | |
parent | e0d3313bac6bd2fbf10df27d79d72157f63ae6ba (diff) | |
parent | 0c85def8bae901631810e002f1cf7b61750b3a17 (diff) | |
download | rails-12c2dab41b86331c155c72a9c003826ea487a079.tar.gz rails-12c2dab41b86331c155c72a9c003826ea487a079.tar.bz2 rails-12c2dab41b86331c155c72a9c003826ea487a079.zip |
Merge pull request #32932 from y-yagi/fixes_32920
Add CSP nonce to `style-src` directive
Diffstat (limited to 'actionpack/lib/action_dispatch/http')
-rw-r--r-- | actionpack/lib/action_dispatch/http/content_security_policy.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/http/content_security_policy.rb b/actionpack/lib/action_dispatch/http/content_security_policy.rb index 35041fd072..855be5ce2e 100644 --- a/actionpack/lib/action_dispatch/http/content_security_policy.rb +++ b/actionpack/lib/action_dispatch/http/content_security_policy.rb @@ -132,7 +132,7 @@ module ActionDispatch #:nodoc: worker_src: "worker-src" }.freeze - NONCE_DIRECTIVES = %w[script-src].freeze + NONCE_DIRECTIVES = %w[script-src style-src].freeze private_constant :MAPPINGS, :DIRECTIVES, :NONCE_DIRECTIVES |