mirror of
https://github.com/sinatra/sinatra
synced 2023-03-27 23:18:01 -04:00
Turn off CSP by default
/cc mperham/sidekiq#3070 Sorry for breaking stuff, Mike 🙇 🙇 🙇 🙇 🙇 🙇 🙇
This commit is contained in:
parent
0a0932e85e
commit
3c69609543
1 changed files with 5 additions and 2 deletions
|
@ -29,11 +29,14 @@ module Rack
|
|||
end
|
||||
|
||||
Rack::Builder.new do
|
||||
use ::Rack::Protection::RemoteReferrer, options if use_these.include? :remote_referrer
|
||||
# Off by default, unless added
|
||||
use ::Rack::Protection::AuthenticityToken, options if use_these.include? :authenticity_token
|
||||
use ::Rack::Protection::ContentSecurityPolicy, options if use_these.include? :content_security_policy
|
||||
use ::Rack::Protection::FormToken, options if use_these.include? :form_token
|
||||
use ::Rack::Protection::RemoteReferrer, options if use_these.include? :remote_referrer
|
||||
use ::Rack::Protection::StrictTransport, options if use_these.include? :strict_transport
|
||||
use ::Rack::Protection::ContentSecurityPolicy, options unless except.include? :content_security_policy
|
||||
|
||||
# On by default, unless skipped
|
||||
use ::Rack::Protection::FrameOptions, options unless except.include? :frame_options
|
||||
use ::Rack::Protection::HttpOrigin, options unless except.include? :http_origin
|
||||
use ::Rack::Protection::IPSpoofing, options unless except.include? :ip_spoofing
|
||||
|
|
Loading…
Reference in a new issue