commit
26363d1f3d
3 changed files with 7 additions and 1 deletions
|
@ -492,7 +492,7 @@ GEM
|
|||
byebug (~> 11.0)
|
||||
pry (~> 0.13.0)
|
||||
public_suffix (4.0.6)
|
||||
puma (5.5.1)
|
||||
puma (5.6.2)
|
||||
nio4r (~> 2.0)
|
||||
pundit (2.1.0)
|
||||
activesupport (>= 3.0.0)
|
||||
|
|
|
@ -28,8 +28,13 @@ Rails.application.config.content_security_policy do |policy|
|
|||
connect_whitelist << URI(API_ADRESSE_URL).host if API_ADRESSE_URL.present?
|
||||
connect_whitelist << URI(API_EDUCATION_URL).host if API_EDUCATION_URL.present?
|
||||
connect_whitelist << URI(API_GEO_URL).host if API_GEO_URL.present?
|
||||
connect_whitelist << Rails.application.secrets.matomo[:host] if Rails.application.secrets.matomo[:enabled]
|
||||
policy.connect_src(:self, *connect_whitelist)
|
||||
|
||||
frame_whitelist = []
|
||||
frame_whitelist << URI(MATOMO_IFRAME_URL).host if Rails.application.secrets.matomo[:enabled]
|
||||
policy.frame_src(:self, *frame_whitelist)
|
||||
|
||||
# Pour tout le reste, par défaut on accepte uniquement ce qui vient de chez nous
|
||||
# et dans la notification on inclue la source de l'erreur
|
||||
default_whitelist = ["fonts.gstatic.com", "in-automate.sendinblue.com", "player.vimeo.com", "app.franceconnect.gouv.fr", "sentry.io", "*.crisp.chat", "crisp.chat", "*.crisp.help", "*.sibautomation.com", "sibautomation.com", "data"]
|
||||
|
|
|
@ -23,6 +23,7 @@ describe 'The user' do
|
|||
choose('Madame')
|
||||
fill_in('email', with: 'loulou@yopmail.com')
|
||||
fill_in('phone', with: '0123456789')
|
||||
scroll_to(find_field('Non'), align: :center)
|
||||
choose('Non')
|
||||
choose('val2')
|
||||
check('val1')
|
||||
|
|
Loading…
Reference in a new issue