From 68f7df96d681d83c04beb36a173bd056a0a248cb Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Thu, 17 May 2018 11:29:06 +0100 Subject: [PATCH 1/1] Add piwik to allowed URIs in connect-src --- config/initializers/secure_headers.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb index 696efc729..bb901e375 100644 --- a/config/initializers/secure_headers.rb +++ b/config/initializers/secure_headers.rb @@ -16,6 +16,7 @@ if defined?(CSP_REPORT_URL) :report_uri => [CSP_REPORT_URL] } + csp_policy[:connect_src] << PIWIK["location"] if defined?(PIWIK) csp_policy[:img_src] << PIWIK["location"] if defined?(PIWIK) csp_policy[:script_src] << PIWIK["location"] if defined?(PIWIK) else -- 2.39.5