{% if redmine_inside_iframe %}
# Content-Security-Policy initializer, rendered only when the
# redmine_inside_iframe template variable is truthy.
#
# Every directive configured below receives the same source list: any origin
# ("*"), data: and blob: URLs, plus 'unsafe-inline' and 'unsafe-eval'. With
# script-src opened this far the header no longer restricts injected script,
# so it offers no XSS mitigation while this block is in effect. The two
# 'unsafe-*' keywords only carry meaning for script/style directives; they are
# kept on the others so the emitted header is unchanged.
#
# NOTE(review): whether a page may be framed is governed by frame-ancestors
# (or X-Frame-Options), neither of which is set here. Confirm this relaxation
# is what the iframe deployment actually requires, and narrow the list to the
# origins really in use if it is not.
Rails.application.config.content_security_policy do |policy|
  # One shared allow-everything source list, splatted into each directive.
  wide_open = ["*", :data, :blob, "'unsafe-inline'", "'unsafe-eval'"].freeze

  policy.default_src(*wide_open)
  policy.font_src(*wide_open)
  policy.img_src(*wide_open)
  policy.object_src(*wide_open)
  policy.script_src(*wide_open)
  policy.style_src(*wide_open)

  # Specify URI for violation reports
  # policy.report_uri "/csp-violation-report-endpoint"
end

# Uncomment to send the policy as report-only instead of enforcing it:
# Rails.application.config.content_security_policy_report_only = true
{% endif %}