berserker
/
microblog
2
0
Fork 1
Code Issues 12 Pull Requests Projects Releases Wiki Activity

Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388)

Browse Source
local
Claire 10 months ago committed by GitHub
parent 2c204d904b
commit 8b37dd2c86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      app/controllers/concerns/captcha_concern.rb

4
app/controllers/concerns/captcha_concern.rb
Unescape View File

@ -42,7 +42,7 @@ module CaptchaConcern
end
def extend_csp_for_captcha!
policy = request.content_security_policy
policy = request.content_security_policy&.clone
return unless captcha_required? && policy.present?
@ -54,6 +54,8 @@ module CaptchaConcern
policy.send(directive, *values)
end
request.content_security_policy = policy
end
def render_captcha

Write Preview
Loading…
Cancel
Save