mirror of
https://github.com/status-im/codimd.git
synced 2025-02-18 19:26:46 +00:00
fix: allow Dropbox dropins in CSP directives
Signed-off-by: Max Wu <jackymaxj@gmail.com>
This commit is contained in:
Max Wu
parent
118b11a4fa
commit
e2c31e4cb3
@ -16,6 +16,10 @@ var defaultDirectives = {
|
|||||||
connectSrc: ['*']
|
connectSrc: ['*']
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var dropboxDirectives = {
|
||||||
|
scriptSrc: ['https://www.dropbox.com']
|
||||||
|
}
|
||||||
|
|
||||||
var cdnDirectives = {
|
var cdnDirectives = {
|
||||||
scriptSrc: ['https://cdnjs.cloudflare.com', 'https://cdn.jsdelivr.net', 'https://cdn.mathjax.org'],
|
scriptSrc: ['https://cdnjs.cloudflare.com', 'https://cdn.jsdelivr.net', 'https://cdn.mathjax.org'],
|
||||||
styleSrc: ['https://cdnjs.cloudflare.com', 'https://cdn.jsdelivr.net', 'https://fonts.googleapis.com'],
|
styleSrc: ['https://cdnjs.cloudflare.com', 'https://cdn.jsdelivr.net', 'https://fonts.googleapis.com'],
|
||||||
@ -37,6 +41,7 @@ CspStrategy.computeDirectives = function () {
|
|||||||
mergeDirectives(directives, config.csp.directives)
|
mergeDirectives(directives, config.csp.directives)
|
||||||
mergeDirectivesIf(config.csp.addDefaults, directives, defaultDirectives)
|
mergeDirectivesIf(config.csp.addDefaults, directives, defaultDirectives)
|
||||||
mergeDirectivesIf(config.useCDN, directives, cdnDirectives)
|
mergeDirectivesIf(config.useCDN, directives, cdnDirectives)
|
||||||
|
mergeDirectivesIf(config.dropbox.appKey, directives, dropboxDirectives)
|
||||||
mergeDirectivesIf(config.csp.addDisqus, directives, disqusDirectives)
|
mergeDirectivesIf(config.csp.addDisqus, directives, disqusDirectives)
|
||||||
mergeDirectivesIf(config.csp.addGoogleAnalytics, directives, googleAnalyticsDirectives)
|
mergeDirectivesIf(config.csp.addGoogleAnalytics, directives, googleAnalyticsDirectives)
|
||||||
if (!areAllInlineScriptsAllowed(directives)) {
|
if (!areAllInlineScriptsAllowed(directives)) {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user