Skip to content

Commit

Permalink
Report Content-Security-Policy problems to honeybadger
Browse files Browse the repository at this point in the history 
Co-authored-by: Christina Chortaria <christinach@users.noreply.github.com>
  • Loading branch information
@sandbergja @christinach
sandbergja and christinach committed Nov 3, 2023
1 parent 7dedfd8 commit bbfd5df
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions config/initializers/content_security_policy.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# frozen_string_literal: true
Rails.application.config.content_security_policy_report_only = true

Rails.application.config.content_security_policy do |policy|
policy.default_src :self, :https
policy.font_src :self, :https, :data
policy.img_src :self, :https, :data
policy.object_src :none
policy.script_src :self, :https
policy.style_src :self, :https
policy.report_uri -> { "https://api.honeybadger.io/v1/browser/csp?api_key=#{ENV['HONEYBADGER_API_KEY']}&report_only=true&env=#{Rails.env}&context[user_id]=#{respond_to?(:current_user) ? current_user&.id : nil}" }
end

0 comments on commit bbfd5df

Please sign in to comment.