| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Skip generating empty CSP header when no policy is configured | Kohei Suzuki | 2018-02-18 | 1 | -1/+1 |
| | | | | | | | | | `Rails.application.config.content_security_policy` is configured with no policies by default. In this case, Content-Security-Policy header should not be generated instead of generating the header with no directives. Firefox also warns "Content Security Policy: Couldn't process unknown directive ''". | ||||
| * | Add DSL for configuring Content-Security-Policy header | Andrew White | 2017-11-27 | 1 | -0/+197 |
| https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy | |||||
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |