Allow to add URLs in CSP from-action from the request object (#1480)
This commit is contained in:
parent
5beb432750
commit
46702f3a62
|
@ -177,6 +177,7 @@ sub _buildAuthLoop {
|
|||
$req->env->{'REQUEST_URI'} ) )
|
||||
{
|
||||
$url .= $req->env->{'REQUEST_URI'};
|
||||
$req->{cspFormAction} .= " $url";
|
||||
}
|
||||
else {
|
||||
$url .= '#';
|
||||
|
|
|
@ -738,6 +738,11 @@ sub sendHtml {
|
|||
$csp .= " $url";
|
||||
}
|
||||
}
|
||||
if ( defined $req->{cspFormAction} ) {
|
||||
$self->logger->debug(
|
||||
"Set CSP form-action with request URL: " . $req->{cspFormAction} );
|
||||
$csp .= " " . $req->{cspFormAction};
|
||||
}
|
||||
$csp .= ';';
|
||||
|
||||
# Deny using portal in frame except if it is required
|
||||
|
|
Loading…
Reference in New Issue
Block a user