mirror of
https://github.com/snipe/snipe-it.git
synced 2024-09-19 23:37:38 -07:00
Reverting CSP change
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
parent
5b9b21a7d1
commit
19e0fb7955
|
@ -83,8 +83,8 @@ class SecurityHeaders
|
||||||
|
|
||||||
if ((config('app.debug') != 'true') && (config('app.enable_csp') == 'true')) {
|
if ((config('app.debug') != 'true') && (config('app.enable_csp') == 'true')) {
|
||||||
$csp_policy[] = "default-src 'self'";
|
$csp_policy[] = "default-src 'self'";
|
||||||
$csp_policy[] = "style-src 'self'";
|
$csp_policy[] = "style-src 'self' 'unsafe-inline'";
|
||||||
$csp_policy[] = "script-src 'self'";
|
$csp_policy[] = "script-src 'self' 'unsafe-inline' 'unsafe-eval'";
|
||||||
$csp_policy[] = "connect-src 'self'";
|
$csp_policy[] = "connect-src 'self'";
|
||||||
$csp_policy[] = "object-src 'none'";
|
$csp_policy[] = "object-src 'none'";
|
||||||
$csp_policy[] = "font-src 'self' data:";
|
$csp_policy[] = "font-src 'self' data:";
|
||||||
|
|
Loading…
Reference in a new issue