DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-09-19 23:37:38 -07:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Reverting CSP change

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-03-01 12:25:14 +00:00
parent 5b9b21a7d1
commit 19e0fb7955
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/Http/Middleware/SecurityHeaders.php
View file

@ -83,8 +83,8 @@ class SecurityHeaders
if ((config('app.debug') != 'true') && (config('app.enable_csp') == 'true')) { if ((config('app.debug') != 'true') && (config('app.enable_csp') == 'true')) {
$csp_policy[] = "default-src 'self'"; $csp_policy[] = "default-src 'self'";
$csp_policy[] = "style-src 'self'"; $csp_policy[] = "style-src 'self' 'unsafe-inline'";
$csp_policy[] = "script-src 'self'"; $csp_policy[] = "script-src 'self' 'unsafe-inline' 'unsafe-eval'";
$csp_policy[] = "connect-src 'self'"; $csp_policy[] = "connect-src 'self'";
$csp_policy[] = "object-src 'none'"; $csp_policy[] = "object-src 'none'";
$csp_policy[] = "font-src 'self' data:"; $csp_policy[] = "font-src 'self' data:";