Skip to content

Commit 10a8b36

Browse files
stefansundinstefansundin
committed
Content-Security-Policy: Set base-uri none.
1 parent 01abce0 commit 10a8b36

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

config/initializers/10-secure_headers.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
config.referrer_policy = "no-referrer"
1919
config.csp = {
2020
default_src: %w('none'),
21+
base_src: %w('none'),
2122
script_src: SecureHeaders::OPT_OUT,
2223
upgrade_insecure_requests: true,
2324
}

0 commit comments

Comments
 (0)