chore(dev): report to CSP_REPORT_URI instead of non existing /csp
This commit is contained in:
parent
aae90d34de
commit
2a948c6145
1 changed files with 1 additions and 1 deletions
|
@ -53,7 +53,7 @@ Rails.application.config.content_security_policy do |policy|
|
||||||
|
|
||||||
# CSP are not enforced in development (see content_security_policy_report_only in development.rb)
|
# CSP are not enforced in development (see content_security_policy_report_only in development.rb)
|
||||||
# However we notify a random local URL, to see breakage in the DevTools when adding a new external resource.
|
# However we notify a random local URL, to see breakage in the DevTools when adding a new external resource.
|
||||||
policy.report_uri "http://#{ENV.fetch('APP_HOST')}/csp/"
|
policy.report_uri CSP_REPORT_URI if CSP_REPORT_URI.present?
|
||||||
|
|
||||||
elsif Rails.env.test?
|
elsif Rails.env.test?
|
||||||
# Disallow all connections to external domains during tests
|
# Disallow all connections to external domains during tests
|
||||||
|
|
Loading…
Reference in a new issue