Remove unsafe authorization (#1184)

This commit is contained in:
Xavier Guimard 2017-03-16 06:30:30 +00:00
parent b85cedcc3e
commit 03339738b7
4 changed files with 4 additions and 4 deletions

View File

@ -31,7 +31,7 @@ sub defaultValues {
'cspFont' => '\'self\'',
'cspImg' => '\'self\' data:',
'cspScript' => '\'self\'',
'cspStyle' => '\'self\' \'unsafe-inline\'',
'cspStyle' => '\'self\'',
'dbiAuthnLevel' => 2,
'dbiExportedVars' => {},
'demoExportedVars' => {

View File

@ -833,7 +833,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'type' => 'text'
},
'cspStyle' => {
'default' => '\'self\' \'unsafe-inline\'',
'default' => '\'self\'',
'type' => 'text'
},
'customAddParams' => {

View File

@ -477,7 +477,7 @@ sub attributes {
},
cspStyle => {
type => 'text',
default => "'self' 'unsafe-inline'",
default => "'self'",
documentation => 'Style source for Content-Security-Policy',
},
cspConnect => {

File diff suppressed because one or more lines are too long