IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

remove Logster from CSP whitelist (#6593)

Browse Source 
Logster 1.3 no longer has inline JS and is now CSP compliant
This commit is contained in:
Kyle Zhao
2018-11-12 17:55:57 -05:00
committed by Sam
parent 0cb33d2b52
commit 3493ea85cc
2 changed files with 0 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/requests/application_controller_spec.rb
View File

@@ -260,16 +260,6 @@ RSpec.describe ApplicationController do
expect(response.headers).to_not include('Content-Security-Policy-Report-Only')
end
it 'does not set CSP for /logs' do
sign_in(Fabricate(:admin))
SiteSetting.content_security_policy = true
get '/logs'
expect(response.status).to eq(200)
expect(response.headers).to_not include('Content-Security-Policy')
end
def parse(csp_string)
csp_string.split(';').map do |policy|
directive, *sources = policy.split