]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/site_controller.rb
Merge remote-tracking branch 'upstream/pull/4849'
[rails.git] / app / controllers / site_controller.rb
index 8b742a585c0e8f7519fb1019222cbcf88216e513..15ffe58a2616765eac3b34474b9dd0542447cb33 100644 (file)
@@ -19,6 +19,7 @@ class SiteController < ApplicationController
   content_security_policy(:only => :id) do |policy|
     policy.connect_src("*")
     policy.img_src(*policy.img_src, "*", :blob)
+    policy.script_src(*policy.script_src, :unsafe_eval)
     policy.style_src(*policy.style_src, :unsafe_inline)
   end