flaburgan
|
2073791cee
|
Add a manifest.json file as a first step to make diaspora* a PWA
fixes #7997
closes #7998
|
2019-04-27 18:00:14 +02:00 |
|
Benjamin Neff
|
3c55a425c7
|
Fix script domain for instagram in CSP header
closes #7920
|
2018-11-08 05:12:55 +01:00 |
|
Alex Tribble
|
1b03265c2e
|
Allow fonts to be served from asset host in CSP.
Closes #7796
closes #7825
|
2018-06-16 01:22:22 +02:00 |
|
Benjamin Neff
|
7854e14e07
|
Bump secure_headers
|
2018-04-12 02:41:53 +02:00 |
|
Benjamin Neff
|
e82690963d
|
Add # frozen_string_literal: true to all files
|
2017-09-17 19:29:15 +02:00 |
|
Benjamin Neff
|
24b40a4c01
|
Merge branch 'next-minor' into develop
|
2017-04-06 01:02:26 +02:00 |
|
Amadren
|
30fad8279b
|
Improve csp for a better cloudflare support
closes #7367
|
2017-04-06 01:01:50 +02:00 |
|
Steffen van Bergerem
|
bd0210a181
|
Remove chartbeat and mixpanel support
|
2017-01-15 13:30:54 +01:00 |
|
Benjamin Neff
|
e18627f542
|
Suppress deprecation warning: disable csp in report-only mode
|
2016-10-30 00:14:23 +02:00 |
|
Benjamin Neff
|
4f6018c74a
|
Bump secure_headers
closes #7151
|
2016-10-27 02:26:52 +02:00 |
|
Benjamin Neff
|
ec8a49b338
|
Add settings for CSP to diaspora.yml
closes #7128
|
2016-09-30 02:11:32 +02:00 |
|
Benjamin Neff
|
caef670934
|
Configure CSP header for services from diaspora.yml
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
edf6602099
|
Add frame-src but don't spam the log with DEPRECATION warnings.
This is an ugly hack, and it should be reverted once we stop supporting
old browsers.
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
6ec0fd4b9f
|
Add nonce to javascript tags
|
2016-09-30 02:10:37 +02:00 |
|
Benjamin Neff
|
4da1c78bb7
|
Add secure_header gem to add some security related headers
basic config for Content Security Policies
|
2016-09-30 02:10:37 +02:00 |
|