kotovalexarian-likes-github/mperham--sidekiq
1
0
Fork 0
mirror of https://github.com/mperham/sidekiq.git synced 2022-11-09 13:52:34 -05:00
Code Releases Activity

Add unsafe-inline to allow bucket graph to display (#4031)

Browse source 
The current CSP policy for Sidekiq Web appears to block the inline
script that renders the bucket charts for limits.

This change updates the script CSP rules to match the style CSP rules to
allow the chart to successfully render. In our application this change
made the bucket charts successfully render.

cc: #3913, #4030
This commit is contained in:
Geoff Harcourt 2018-11-28 14:46:07 -05:00 committed by Mike Perham
parent d1b2d00edf
commit 78f3b6854b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/sidekiq/web/application.rb
View file

@ -17,7 +17,7 @@ module Sidekiq
"manifest-src 'self'", "manifest-src 'self'",
"media-src 'self'", "media-src 'self'",
"object-src 'none'", "object-src 'none'",
"script-src 'self' https: http:", "script-src 'self' https: http: 'unsafe-inline'",
"style-src 'self' https: http: 'unsafe-inline'", "style-src 'self' https: http: 'unsafe-inline'",
"worker-src 'self'", "worker-src 'self'",
"base-uri 'self'" "base-uri 'self'"