update csp for img proxy
parent
312bc14d06
commit
758deeb818
|
@ -16,6 +16,7 @@ if Rails.env.production?
|
||||||
attachments_host = nil
|
attachments_host = nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
img_proxy_host = "https://#{ENV.fetch('IMG_PROXY_DOMAIN', assets_host)}"
|
||||||
data_hosts << attachments_host unless attachments_host.nil?
|
data_hosts << attachments_host unless attachments_host.nil?
|
||||||
|
|
||||||
if ENV['PAPERCLIP_ROOT_URL']
|
if ENV['PAPERCLIP_ROOT_URL']
|
||||||
|
@ -31,7 +32,7 @@ if Rails.env.production?
|
||||||
p.frame_ancestors :none
|
p.frame_ancestors :none
|
||||||
p.script_src :self, assets_host
|
p.script_src :self, assets_host
|
||||||
p.font_src :self, assets_host
|
p.font_src :self, assets_host
|
||||||
p.img_src :self, :data, :blob, *data_hosts
|
p.img_src :self, :data, :blob, img_proxy_host, *data_hosts
|
||||||
p.style_src :self, :unsafe_inline, assets_host
|
p.style_src :self, :unsafe_inline, assets_host
|
||||||
p.media_src :self, :data, *data_hosts
|
p.media_src :self, :data, *data_hosts
|
||||||
p.frame_src :self, :https
|
p.frame_src :self, :https
|
||||||
|
|
Loading…
Reference in New Issue