Benjamin Neff
|
e18627f542
|
Suppress deprecation warning: disable csp in report-only mode
|
2016-10-30 00:14:23 +02:00 |
|
Benjamin Neff
|
4f6018c74a
|
Bump secure_headers
closes #7151
|
2016-10-27 02:26:52 +02:00 |
|
Benjamin Neff
|
ec8a49b338
|
Add settings for CSP to diaspora.yml
closes #7128
|
2016-09-30 02:11:32 +02:00 |
|
Benjamin Neff
|
caef670934
|
Configure CSP header for services from diaspora.yml
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
edf6602099
|
Add frame-src but don't spam the log with DEPRECATION warnings.
This is an ugly hack, and it should be reverted once we stop supporting
old browsers.
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
6ec0fd4b9f
|
Add nonce to javascript tags
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
4da1c78bb7
|
Add secure_header gem to add some security related headers
basic config for Content Security Policies
|
2016-09-30 02:10:37 +02:00 |
|