This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.

Kyle Zhao 488fba3c5f FEATURE: allow plugins and themes to extend the default CSP (#6704) ... * FEATURE: allow plugins and themes to extend the default CSP For plugins: ``` extend_content_security_policy( script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'], style_src: ['https://domain.com/style.css'] ) ``` For themes and components: ``` extend_content_security_policy: type: list default: "script_src:https://domain.com/|style_src:https://domain.com" ``` * clear CSP base url before each test we have a test that stubs `Rails.env.development?` to true * Only allow extending directives that core includes, for now		2018-11-30 09:51:45 -05:00
..
backup_restore	FEATURE: Support backup uploads/downloads directly to/from S3.	2018-10-15 09:43:31 +08:00
content_security_policy	FEATURE: allow plugins and themes to extend the default CSP (#6704)	2018-11-30 09:51:45 -05:00
browser_detection_spec.rb	FIX: Fix browser detection for Microsoft Edge. (#6516)	2018-10-22 23:15:41 +11:00
content_security_policy_spec.rb	FEATURE: allow plugins and themes to extend the default CSP (#6704)	2018-11-30 09:51:45 -05:00
db_helper_spec.rb	Revert "Swtich to regexp for DbHelper.remap."	2018-11-08 14:20:09 +08:00
encodings_spec.rb	Use rchardet instead of charlock_holmes gem	2018-08-01 10:41:20 +02:00
mini_sql_multisite_connection_spec.rb	Rubocop fix	2018-07-24 10:49:20 +01:00
upload_creator_spec.rb	FEATURE: do not switch to JPEG unless you meet 75k byte savings	2018-11-21 11:01:08 +11:00
upload_recovery_spec.rb	FIX: Don't update user_profile URLs unless upload is persisted.	2018-10-01 14:21:39 +08:00