IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-01-02 12:17:22 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove strict CSP header for #4622

Browse Source
This commit is contained in:
James Cole 2021-04-09 06:05:27 +02:00
parent 075f951cfe
commit 1912e46113
No known key found for this signature in database
GPG Key ID: B5669F9493CDE38D
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/SecureHeaders.php
View File

@ -53,8 +53,6 @@ class SecureHeaders
$csp = [ $csp = [
"default-src 'none'", "default-src 'none'",
"object-src 'none'", "object-src 'none'",
"require-trusted-types-for 'script'",
//sprintf("script-src 'unsafe-inline' 'strict-dynamic' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc),
sprintf("script-src 'unsafe-eval' 'strict-dynamic' 'self' 'unsafe-inline' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc), sprintf("script-src 'unsafe-eval' 'strict-dynamic' 'self' 'unsafe-inline' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc),
"style-src 'unsafe-inline' 'self'", "style-src 'unsafe-inline' 'self'",
"base-uri 'self'", "base-uri 'self'",