hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix building CSP policy

Browse Source 
You can't use 'none' as a CSP Policy if there's other things among

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2022-11-04 16:10:24 +01:00
parent d8434ca3d3
commit a51b36fb75
3 changed files with 24 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/web/plugs/http_security_plug_test.exs
View File

@@ -93,7 +93,7 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlugTest do
[csp] = Conn.get_resp_header(conn, "content-security-policy")
assert csp =~
~r/script-src 'self' 'unsafe-eval' 'sha256-[\w+\/=]*' 'sha256-[\w+\/=]*' example.com matomo.example.com\s+;/
~r/script-src 'self' 'unsafe-eval' 'sha256-[\w+\/=]*' 'sha256-[\w+\/=]*' example.com matomo.example.com;/
end
end