Benjamin Neff
|
c1ebc4d338
|
Merge branch 'next-minor' into develop
|
2018-04-12 02:49:11 +02:00 |
|
Benjamin Neff
|
7854e14e07
|
Bump secure_headers
|
2018-04-12 02:41:53 +02:00 |
|
Frédéric Bolvin
|
6d55b15604
|
Resize images on client-side before uploading
|
2018-03-11 11:20:16 +01:00 |
|
Frédéric Bolvin
|
23e4062342
|
Allow blob: URIs to be used as a content source in CSP header
|
2018-03-03 21:12:18 +01:00 |
|
Benjamin Neff
|
e82690963d
|
Add # frozen_string_literal: true to all files
|
2017-09-17 19:29:15 +02:00 |
|
Benjamin Neff
|
24b40a4c01
|
Merge branch 'next-minor' into develop
|
2017-04-06 01:02:26 +02:00 |
|
Amadren
|
30fad8279b
|
Improve csp for a better cloudflare support
closes #7367
|
2017-04-06 01:01:50 +02:00 |
|
Steffen van Bergerem
|
bd0210a181
|
Remove chartbeat and mixpanel support
|
2017-01-15 13:30:54 +01:00 |
|
Benjamin Neff
|
e18627f542
|
Suppress deprecation warning: disable csp in report-only mode
|
2016-10-30 00:14:23 +02:00 |
|
Benjamin Neff
|
4f6018c74a
|
Bump secure_headers
closes #7151
|
2016-10-27 02:26:52 +02:00 |
|
Benjamin Neff
|
ec8a49b338
|
Add settings for CSP to diaspora.yml
closes #7128
|
2016-09-30 02:11:32 +02:00 |
|
Benjamin Neff
|
caef670934
|
Configure CSP header for services from diaspora.yml
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
edf6602099
|
Add frame-src but don't spam the log with DEPRECATION warnings.
This is an ugly hack, and it should be reverted once we stop supporting
old browsers.
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
6ec0fd4b9f
|
Add nonce to javascript tags
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
4da1c78bb7
|
Add secure_header gem to add some security related headers
basic config for Content Security Policies
|
2016-09-30 02:10:37 +02:00 |
|