github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 03:32:17 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: Don't reuse CSP nonce between requests (#22544)

Browse Source 
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
This commit is contained in:
Blake Erickson
2023-07-11 15:24:36 -06:00
committed by GitHub
parent 0718289574
commit eed7d86601
7 changed files with 49 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/content_security_policy/builder.rb
View File

@ -25,8 +25,8 @@ class ContentSecurityPolicy
style_src
].freeze
def initialize(base_url:)
@directives = Default.new(base_url: base_url).directives
def initialize(base_url:, env: {})
@directives = Default.new(base_url: base_url, env: env).directives
@base_url = base_url
end