File tree Expand file tree Collapse file tree 3 files changed +5
-2
lines changed
Expand file tree Collapse file tree 3 files changed +5
-2
lines changed Original file line number Diff line number Diff line change @@ -2,4 +2,5 @@ source "https://rubygems.org"
22
33gem "rspec"
44gem "rake"
5+ gem 'openssl'
56
Original file line number Diff line number Diff line change 22 remote: https://rubygems.org/
33 specs:
44 diff-lcs (1.6.2 )
5+ openssl (3.3.2 )
56 rake (13.3.1 )
67 rspec (3.13.2 )
78 rspec-core (~> 3.13.0 )
@@ -21,6 +22,7 @@ PLATFORMS
2122 ruby
2223
2324DEPENDENCIES
25+ openssl
2426 rake
2527 rspec
2628
Original file line number Diff line number Diff line change @@ -503,7 +503,7 @@ http {
503503 set $csp_policy "";
504504 set $csp_policy_report "";
505505 if ($http_x_forwarded_proto = "https") {
506- set $csp_policy "upgrade-insecure-requests; frame-ancestors 'none'; script-src 'unsafe-inline'; script-src 'unsafe-eval'; style-src 'unsafe-inline'; default-src https:";
506+ set $csp_policy "frame-ancestors 'none'; script-src 'unsafe-inline'; script-src 'unsafe-eval'; style-src 'unsafe-inline'; default-src https:";
507507 set $csp_policy_report "default-src https:; script-src 'unsafe-inline'; report-uri https://<%= primary_host %> /_csp";
508508 }
509509 add_header X-Content-Type-Options "nosniff";
@@ -517,7 +517,7 @@ http {
517517 proxy_hide_header Cache-Control;
518518 proxy_hide_header Expires;
519519 # 2015 sites and prior had mixed content issues
520- set $csp_policy "upgrade-insecure-requests; frame-ancestors 'none'; default-src https:";
520+ set $csp_policy "upgrade-insecure-requests; frame-ancestors 'none'; script-src 'unsafe-inline'; script-src 'unsafe-eval'; style-src 'unsafe-inline'; default-src https:";
521521 add_header Cache-Control "public, max-age=604800, s-maxage=31536000";
522522 proxy_pass https://2009-2011.rubykaigi.org;
523523 }
You can’t perform that action at this time.
0 commit comments