cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #4856 from tyrasd/patch-2

Browse source 
reintroduce unsafe-eval CSP rule for iD (Mapillary layer)
This commit is contained in:
Andy Allan 2024-05-29 13:14:10 +01:00 committed by GitHub
commit 9004c2d28d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
app/controllers/site_controller.rb
View file

@ -19,6 +19,7 @@ class SiteController < ApplicationController
content_security_policy(:only => :id) do |policy|
policy.connect_src("*")
policy.img_src(*policy.img_src, "*", :blob)
policy.script_src(*policy.script_src, :unsafe_eval)
policy.style_src(*policy.style_src, :unsafe_inline)
end