10 Commits (e4efe02d99fc55e21b6c4c0dfc0c2da767e13130)

Author SHA1 Message Date
  ThibG e1629a7758
Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679) 4 years ago
  ThibG dea5db0e25
Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) 4 years ago
  ThibG 7ddbbdea6d
Fix OCR not working on Safari because of unsupported worker-src CSP (#13323) 4 years ago
  ThibG 8203e24cf4 Fix CSP needlessly allowing blob URLs in script-src (#11620) 5 years ago
  Eugen Rochko b7f5f0ec10
Fix media host not being included in connect-src for OCR (#11577) 5 years ago
  Eugen Rochko 28636f43e4
Add OCR tool to media editing modal (#11566) 5 years ago
  ThibG 8ab081ec32 Add manifest_src to CSP, add blob to connect_src (#8967) 6 years ago
  Eugen Rochko edc7f895be
Fix CSP headers blocking media and development environment (#8962) 6 years ago
  ThibG 2d27c11061 Set Content-Security-Policy rules through RoR's config (#8957) 6 years ago
  Yamagishi Kazutoshi 50529cbceb Upgrade Rails to version 5.2.0 (#5898) 6 years ago