Skip to content

Commit

Permalink
correctly set strict-dynamic
Browse files Browse the repository at this point in the history
  • Loading branch information
@zero-24
zero-24 committed Apr 30, 2020
1 parent 7b3efc2 commit 615f800
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions plugins/system/httpheaders/httpheaders.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@ private function setCspHeader(): void
&& strpos($cspValue->value, 'strict-dynamic') === 0
&& $scriptDynamicEnabled)
{
$cspValue->value = $cspValue->value . ' strict-dynamic';
$cspValue->value = $cspValue->value . " 'strict-dynamic' ";
}

$newCspValues[] = trim($cspValue->directive) . ' ' . trim($cspValue->value);
Expand Down Expand Up @@ -458,7 +458,7 @@ private function compileAutomaticCspHeaderRules(): array
&& strpos($cspHeaderValue, 'strict-dynamic') === 0
&& $scriptDynamicEnabled)
{
$cspHeaderValue = $cspHeaderValue . ' strict-dynamic';
$cspHeaderValue = $cspHeaderValue . " 'strict-dynamic' ";
}

// By default we should whitelist 'self' on any directive
Expand Down

0 comments on commit 615f800

Please sign in to comment.