Make JS views rendered work with content security policy

As of now, `HTMLElement.nonce` seems to work only in Chrome. So, it should not be used now. https://developer.mozilla.org/en-US/docs/Web/API/HTMLElement/nonce#Browser_compatibility Fixes #32577.
author: yuuji.yaginuma <yuuji.yaginuma@gmail.com> 2018-04-17 15:00:57 +0900
committer: Yuji Yaginuma <yuuji.yaginuma@gmail.com> 2018-04-20 15:41:56 +0900
commit: 1694b02909850c9d8f47fb644e98e1203d9f2898 (patch)
tree: 74a5e12f45d62f50dedab2e7e91a553da6802515 /actionview/CHANGELOG.md
parent: b8cd9302fe01dcaf4d36cc28cdfb7b9d7db832d8 (diff)
download: rails-1694b02909850c9d8f47fb644e98e1203d9f2898.tar.gz
rails-1694b02909850c9d8f47fb644e98e1203d9f2898.tar.bz2
rails-1694b02909850c9d8f47fb644e98e1203d9f2898.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md
index d833f9cd98..2c1ca12043 100644
--- a/actionview/CHANGELOG.md
+++ b/actionview/CHANGELOG.md
@@ -1,3 +1,10 @@
+*   Fix JavaScript views rendering does not work with Firefox when using
+    Content Security Policy.
+
+    Fixes #32577.
+
+    *Yuji Yaginuma*
+
 *   Add the `nonce: true` option for `javascript_include_tag` helper to
     support automatic nonce generation for Content Security Policy.
     Works the same way as `javascript_tag nonce: true` does.
author	yuuji.yaginuma <yuuji.yaginuma@gmail.com>	2018-04-17 15:00:57 +0900
committer	Yuji Yaginuma <yuuji.yaginuma@gmail.com>	2018-04-20 15:41:56 +0900
commit	1694b02909850c9d8f47fb644e98e1203d9f2898 (patch)
tree	74a5e12f45d62f50dedab2e7e91a553da6802515 /actionview/CHANGELOG.md
parent	b8cd9302fe01dcaf4d36cc28cdfb7b9d7db832d8 (diff)
download	rails-1694b02909850c9d8f47fb644e98e1203d9f2898.tar.gz rails-1694b02909850c9d8f47fb644e98e1203d9f2898.tar.bz2 rails-1694b02909850c9d8f47fb644e98e1203d9f2898.zip