Trang chủ Khám phá Trợ giúp
Đăng nhập
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Các tập tin Các vấn đề 8 Wiki
Tree: d099cf67c0
Branches Tags
mastodon
/
app
/
controllers
/
concerns
/
api
/
content_security_policy.rb

content_security_policy.rb 720 B
Lịch sử Raw

123456789101112131415161718192021222324252627 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. module Api::ContentSecurityPolicy
    4. 

  4.   extend ActiveSupport::Concern
    5. 

  5. 

  6.   included do
    7. 

  7.     content_security_policy do |policy|
    8. 

  8.       # Set every directive that does not have a fallback
    9. 

  9.       policy.default_src :none
    10. 

  10.       policy.frame_ancestors :none
    11. 

  11.       policy.form_action :none
    12. 

  12. 

  13.       # Disable every directive with a fallback to cut on response size
    14. 

  14.       policy.base_uri false
    15. 

  15.       policy.font_src false
    16. 

  16.       policy.img_src false
    17. 

  17.       policy.style_src false
    18. 

  18.       policy.media_src false
    19. 

  19.       policy.frame_src false
    20. 

  20.       policy.manifest_src false
    21. 

  21.       policy.connect_src false
    22. 

  22.       policy.script_src false
    23. 

  23.       policy.child_src false
    24. 

  24.       policy.worker_src false
    25. 

  25.     end
    26. 

  26.   end
    27. 

  27. end
    28.