- 19 2月, 2018 1 次提交
-
-
由 Andrew White 提交于
This reverts commit 86f7c269, reversing changes made to 5ece2e4a. If a policy is set then we should generate it even if it's empty. However what is happening is that we're accidentally generating an empty policy when the initializer is commented out by default.
-
- 18 2月, 2018 1 次提交
-
-
由 Kohei Suzuki 提交于
`Rails.application.config.content_security_policy` is configured with no policies by default. In this case, Content-Security-Policy header should not be generated instead of generating the header with no directives. Firefox also warns "Content Security Policy: Couldn't process unknown directive ''".
-
- 05 12月, 2017 1 次提交
-
-
由 Simon Dawson 提交于
Use Object#deep_dup to safely duplicate policy values
-
- 27 11月, 2017 1 次提交
-