diff options
author | Andrew White <pixeltrix@users.noreply.github.com> | 2018-02-19 14:55:05 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-19 14:55:05 +0000 |
commit | dc6185b462dc423e9e6fa89a64aa54427ff7660d (patch) | |
tree | 3c61ade55071b719d49421cb3af825795f8900c9 /actionpack/lib/action_dispatch/http | |
parent | 0d41a76d0c693000005d79456dee7f9299f5e8d4 (diff) | |
parent | d85283cc42b1a965944047a2f602153804126f77 (diff) | |
download | rails-dc6185b462dc423e9e6fa89a64aa54427ff7660d.tar.gz rails-dc6185b462dc423e9e6fa89a64aa54427ff7660d.tar.bz2 rails-dc6185b462dc423e9e6fa89a64aa54427ff7660d.zip |
Merge pull request #32054 from rails/fix-generation-of-empty-csp
Fix generation of empty content security policy
Diffstat (limited to 'actionpack/lib/action_dispatch/http')
-rw-r--r-- | actionpack/lib/action_dispatch/http/content_security_policy.rb | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/actionpack/lib/action_dispatch/http/content_security_policy.rb b/actionpack/lib/action_dispatch/http/content_security_policy.rb index 160c345361..ffac3b8d99 100644 --- a/actionpack/lib/action_dispatch/http/content_security_policy.rb +++ b/actionpack/lib/action_dispatch/http/content_security_policy.rb @@ -21,10 +21,7 @@ module ActionDispatch #:nodoc: return response if policy_present?(headers) if policy = request.content_security_policy - built_policy = policy.build(request.controller_instance) - if built_policy - headers[header_name(request)] = built_policy - end + headers[header_name(request)] = policy.build(request.controller_instance) end response @@ -175,12 +172,7 @@ module ActionDispatch #:nodoc: end def build(context = nil) - built_directives = build_directives(context).compact - if built_directives.empty? - nil - else - built_directives.join("; ") + ";" - end + build_directives(context).compact.join("; ") end private |