Unverified Commit 1b03265c authored by Alex Tribble's avatar Alex Tribble Committed by Benjamin Neff
Browse files

Allow fonts to be served from asset host in CSP. 

Closes #7796

closes #7825
parent fa615533

Changelog.md

+1 −0
Original line number Diff line number Diff line
@@ -7,6 +7,7 @@ 


## Bug fixes

* Fix compatibility with newer glibc versions [#7828](https://github.com/diaspora/diaspora/pull/7828)

* Allow fonts to be served from asset host in CSP [#7825](https://github.com/diaspora/diaspora/pull/7825)



## Features

config/initializers/secure_headers.rb

+1 −0
Original line number Diff line number Diff line
@@ -21,6 +21,7 @@ SecureHeaders::Configuration.default do |config| 


  if AppConfig.environment.assets.host.present?

    asset_host = Addressable::URI.parse(AppConfig.environment.assets.host.get).host

    csp[:font_src] << asset_host

    csp[:script_src] << asset_host

    csp[:style_src] << asset_host

  end