senaduka/old-holivud2
1
0
Fork 0
Code Issues Pull Requests 6 Actions Packages Projects Releases Wiki Activity

Upstream sync

Browse Source
This commit is contained in:
Senad Uka
2020-09-06 21:42:50 +02:00
parent f611382e9e
commit e5ac3e9345
22 changed files with 312 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/initializers/content_security_policy.rb
View File

@@ -9,12 +9,12 @@ Rails.application.config.content_security_policy do |policy|
policy.font_src :self, :https, :data
policy.img_src :self, :https, :data
policy.object_src :self
policy.script_src :self, :https, AppHost.new.domain_with_port, "https://stream.mux.com", :blob, :unsafe_eval
policy.script_src :self, :https, AppHost.new.domain_with_port, "https://stream.mux.com", "https://demo.nanocosmos.de", :blob, :unsafe_eval
policy.media_src :self, :https, AppHost.new.domain_with_port, "https://stream.mux.com", :data, :blob
# policy.style_src :self, :https, :unsafe_inline
# If you are using webpack-dev-server then specify webpack-dev-server host
# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
policy.connect_src :self, :https, "ws://#{AppHost.new.domain_with_port}", "wss://#{AppHost.new.domain_with_port}"
policy.connect_src :self, :https, "ws://#{AppHost.new.domain_with_port}", "wss://#{AppHost.new.domain_with_port}", "wss://bintu-h5live.nanocosmos.de"
# Specify URI for violation reports
# policy.report_uri "/csp-violation-report-endpoint"