Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Make sure we don't set CSP headers on Bada - it's broken!

  • Loading branch information...
commit ed2556fdf38c7fa99b1ffd16adabe825b3e3e425 1 parent 515c831
@NielsLeenheer authored
Showing with 8 additions and 5 deletions.
  1. +8 −5 .htaccess
View
13 .htaccess
@@ -50,10 +50,13 @@ RewriteRule ^browserconfig.xml /images/icons/browserconfig.xml
</IfModule>
</FilesMatch>
-<FilesMatch "index.html">
+
+SetEnvIf User-Agent .*Bada.* BROKEN_CSP
+
+<FilesMatch "[index|qr].html">
<IfModule mod_headers.c>
- Header set X-WebKit-CSP "default-src 'unsafe-inline' *; frame-src *; options inline-script;"
- Header set Content-Security-Policy "default-src 'unsafe-inline' *; frame-src *; options inline-script;"
- Header set X-Content-Security-Policy "default-src 'unsafe-inline' *; frame-src *; options inline-script;"
+ Header set X-WebKit-CSP "default-src 'unsafe-inline' *; frame-src *; options inline-script;" env=!BROKEN_CSP
+ Header set Content-Security-Policy "default-src 'unsafe-inline' *; frame-src *; options inline-script;" env=!BROKEN_CSP
+ Header set X-Content-Security-Policy "default-src 'unsafe-inline' *; frame-src *; options inline-script;" env=!BROKEN_CSP
</IfModule>
-</FilesMatch>
+</FilesMatch>
Please sign in to comment.
Something went wrong with that request. Please try again.