Mastodon/config/initializers/content_security_policy.rb at f1a22e33e26f124cb1b3131e56678001b9e43bc3

Files

Rey Tucker 35b2ba5030 Remove form_action from CSP

This trips an issue when trying to authenticate through to
third-party sites, e.g. bridge.joinmastodon.org:

    Refused to send form data to 'https://bridge.joinmastodon.org/'
    because it violates the following Content Security Policy
    directive: "form-action 'self'".

Thread: https://vulpine.club/@digifox/101230933751352042

2018-12-14 08:02:06 +01:00

1.6 KiB

Raw Blame History

View Raw

1.6 KiB Raw Blame History

1.6 KiB

Raw Blame History