You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a content_security_policy with an option specified via a proc. For example:
policy.report_uri(proc { "..." if Random.rand(100.0) < 0.002 })
Add a route with redirect. For example:
get 'author/top_authors', to: redirect('/authors/top')
Expected behavior
I should get a redirect, either with or without the CSP headers.
Actual behavior
RuntimeError at /author/top_authors
Missing context for the dynamic content security policy source: #<Proc:0x007f9c9eb655e8@.../config/initializers/content_security_policy.rb:18>
due to missing request.controller_instance
System configuration
Rails version:
5.2.1 Ruby version:
2.3.3
The text was updated successfully, but these errors were encountered:
There is no controller instance when using a redirect route or a
mounted rack application so pass the request object as the context
when resolving dynamic CSP sources in this scenario.
Fixes#34200.
There is no controller instance when using a redirect route or a
mounted rack application so pass the request object as the context
when resolving dynamic CSP sources in this scenario.
Fixes#34200.
(cherry picked from commit a150a02)
Steps to reproduce
proc
. For example:Expected behavior
I should get a redirect, either with or without the CSP headers.
Actual behavior
due to missing
request.controller_instance
System configuration
Rails version:
5.2.1
Ruby version:
2.3.3
The text was updated successfully, but these errors were encountered: