Remove trailing semi-colon from CSP

Although the spec[1] is defined in such a way that a trailing semi-colon is valid it also doesn't allow a semi-colon by itself to indicate an empty policy. Therefore it's easier (and valid) just to omit it rather than to detect whether the policy is empty or not. [1]: https://www.w3.org/TR/CSP2/#policy-syntax
author: Andrew White <andrew.white@unboxed.co> 2018-02-19 12:20:43 +0000
committer: Andrew White <andrew.white@unboxed.co> 2018-02-19 12:20:43 +0000
commit: d85283cc42b1a965944047a2f602153804126f77 (patch)
tree: bfb9986bff4ddf92aad7c973f31e78f0ed0be293 /actionpack/lib
parent: 57f9c36387f371cfb791aa660c733e9690443d04 (diff)
download: rails-d85283cc42b1a965944047a2f602153804126f77.tar.gz
rails-d85283cc42b1a965944047a2f602153804126f77.tar.bz2
rails-d85283cc42b1a965944047a2f602153804126f77.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/http/content_security_policy.rb b/actionpack/lib/action_dispatch/http/content_security_policy.rb
index 4883e23d24..ffac3b8d99 100644
--- a/actionpack/lib/action_dispatch/http/content_security_policy.rb
+++ b/actionpack/lib/action_dispatch/http/content_security_policy.rb
@@ -172,7 +172,7 @@ module ActionDispatch #:nodoc:
     end
 
     def build(context = nil)
-      build_directives(context).compact.join("; ") + ";"
+      build_directives(context).compact.join("; ")
     end
 
     private
author	Andrew White <andrew.white@unboxed.co>	2018-02-19 12:20:43 +0000
committer	Andrew White <andrew.white@unboxed.co>	2018-02-19 12:20:43 +0000
commit	d85283cc42b1a965944047a2f602153804126f77 (patch)
tree	bfb9986bff4ddf92aad7c973f31e78f0ed0be293 /actionpack/lib
parent	57f9c36387f371cfb791aa660c733e9690443d04 (diff)
download	rails-d85283cc42b1a965944047a2f602153804126f77.tar.gz rails-d85283cc42b1a965944047a2f602153804126f77.tar.bz2 rails-d85283cc42b1a965944047a2f602153804126f77.zip