diff options
Diffstat (limited to 'railties/lib/rails/application_controller.rb')
-rw-r--r-- | railties/lib/rails/application_controller.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/railties/lib/rails/application_controller.rb b/railties/lib/rails/application_controller.rb index fa8793d81a..b3fe822218 100644 --- a/railties/lib/rails/application_controller.rb +++ b/railties/lib/rails/application_controller.rb @@ -4,6 +4,13 @@ class Rails::ApplicationController < ActionController::Base # :nodoc: self.view_paths = File.expand_path("templates", __dir__) layout "application" + before_action :disable_content_security_policy_nonce! + + content_security_policy do |policy| + policy.script_src :unsafe_inline + policy.style_src :unsafe_inline + end + private def require_local! @@ -15,4 +22,8 @@ class Rails::ApplicationController < ActionController::Base # :nodoc: def local_request? Rails.application.config.consider_all_requests_local || request.local? end + + def disable_content_security_policy_nonce! + request.content_security_policy_nonce_generator = nil + end end |