aboutsummaryrefslogtreecommitdiffstats
path: root/railties
diff options
context:
space:
mode:
Diffstat (limited to 'railties')
-rw-r--r--railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt16
1 files changed, 8 insertions, 8 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt
index 656ded4069..d566c734c8 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt
@@ -2,16 +2,16 @@
# For further information see the following documentation
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
-Rails.application.config.content_security_policy do |p|
- p.default_src :self, :https
- p.font_src :self, :https, :data
- p.img_src :self, :https, :data
- p.object_src :none
- p.script_src :self, :https
- p.style_src :self, :https, :unsafe_inline
+Rails.application.config.content_security_policy do |policy|
+ policy.default_src :self, :https
+ policy.font_src :self, :https, :data
+ policy.img_src :self, :https, :data
+ policy.object_src :none
+ policy.script_src :self, :https
+ policy.style_src :self, :https, :unsafe_inline
# Specify URI for violation reports
- # p.report_uri "/csp-violation-report-endpoint"
+ # policy.report_uri "/csp-violation-report-endpoint"
end
# Report CSP violations to a specified URI
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-14 10:55:08 +0000