Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add connect_src example to content security policy initializer #34375

Merged
merged 1 commit into from
Nov 6, 2018
Merged

Add connect_src example to content security policy initializer #34375

merged 1 commit into from
Nov 6, 2018

Conversation

y-yagi
Copy link
Member

@y-yagi y-yagi commented Nov 4, 2018

If want to use webpack-dev-server with CSP enabled, need to specify connect-src.
Related to: rails/webpacker@cd7ecf4

This is a matter of webpacker. But since webpacker is now used by default, to prevent user confusion, I think that better to include an example of connect-src.

@y-yagi
Add connect_src example to content security policy initializer
fd30a32 
If want to use `webpack-dev-server` with CSP enabled, need to specify
`connect-src`.
Related to: rails/webpacker@cd7ecf4

This is a matter of `webpacker`. But since `webpacker` is now used by
default, to prevent user confusion, I think that better to include an
example of `connect-src.`
@rails-bot rails-bot bot added the railties label Nov 4, 2018
@guilleiguaran guilleiguaran merged commit 90ee327 into rails:master Nov 6, 2018
@y-yagi y-yagi deleted the add_connect_src_to_default_csp_initializer branch January 2, 2019 10:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmcgibbon gmcgibbon gmcgibbon left review comments

@guilleiguaran guilleiguaran guilleiguaran approved these changes

Assignees
No one assigned
Labels
railties
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@y-yagi @guilleiguaran @gmcgibbon