Add a Content Security Policy

2022-09-02 23:54:23 +02:00
parent fe41d44548
commit a2bb2844b4
12 changed files with 144 additions and 23 deletions
--- a/app/views/layouts/application.html.slim
+++ b/app/views/layouts/application.html.slim
@ -15,8 +15,8 @@ html lang="#{I18n.locale || I18n.default_locale}"
    = javascript_include_tag('application', 'data-turbolinks-track': true)
    = yield(:head)
    = csrf_meta_tags
-    = timeago_script_tag
-    script type="text/javascript"
+    = timeago_script_tag nonce: true
+    = javascript_tag nonce: true do
      | I18n.defaultLocale = "#{I18n.default_locale}";
      | I18n.locale = "#{I18n.locale}";
      - if SentryJavascript.active?