X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/e222329d043592af299eed12cf6ad16969c1b46f..0c13214cd07416fbc4f8c9e20a827a3ae227842f:/app/controllers/oauth2_authorizations_controller.rb?ds=inline diff --git a/app/controllers/oauth2_authorizations_controller.rb b/app/controllers/oauth2_authorizations_controller.rb index 9c2bce2d1..dca95de4e 100644 --- a/app/controllers/oauth2_authorizations_controller.rb +++ b/app/controllers/oauth2_authorizations_controller.rb @@ -3,6 +3,13 @@ class Oauth2AuthorizationsController < Doorkeeper::AuthorizationsController prepend_before_action :authorize_web before_action :set_locale + before_action :allow_all_form_action, :only => [:new] authorize_resource :class => false + + private + + def allow_all_form_action + override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url) + end end