aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack')
-rw-r--r--actionpack/lib/action_dispatch/http/content_security_policy.rb4
-rw-r--r--actionpack/test/dispatch/content_security_policy_test.rb6
2 files changed, 9 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/http/content_security_policy.rb b/actionpack/lib/action_dispatch/http/content_security_policy.rb
index a3407c9698..c1f80a1ffc 100644
--- a/actionpack/lib/action_dispatch/http/content_security_policy.rb
+++ b/actionpack/lib/action_dispatch/http/content_security_policy.rb
@@ -113,7 +113,9 @@ module ActionDispatch #:nodoc:
blob: "blob:",
filesystem: "filesystem:",
report_sample: "'report-sample'",
- strict_dynamic: "'strict-dynamic'"
+ strict_dynamic: "'strict-dynamic'",
+ ws: "ws:",
+ wss: "wss:"
}.freeze
DIRECTIVES = {
diff --git a/actionpack/test/dispatch/content_security_policy_test.rb b/actionpack/test/dispatch/content_security_policy_test.rb
index f133aae865..95fce39dad 100644
--- a/actionpack/test/dispatch/content_security_policy_test.rb
+++ b/actionpack/test/dispatch/content_security_policy_test.rb
@@ -51,6 +51,12 @@ class ContentSecurityPolicyTest < ActiveSupport::TestCase
@policy.script_src :strict_dynamic
assert_equal "script-src 'strict-dynamic'", @policy.build
+ @policy.script_src :ws
+ assert_equal "script-src ws:", @policy.build
+
+ @policy.script_src :wss
+ assert_equal "script-src wss:", @policy.build
+
@policy.script_src :none, :report_sample
assert_equal "script-src 'none' 'report-sample'", @policy.build
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-17 02:50:23 +0000