mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-24 18:56:32 -05:00
Cleanup csp.js
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
bd44cbc16c
commit
1c0af5f75d
1 changed files with 1 additions and 5 deletions
|
@ -79,10 +79,6 @@ function mergeDirectivesIf (condition, existingDirectives, newDirectives) {
|
|||
}
|
||||
}
|
||||
|
||||
function areAllInlineScriptsAllowed (directives) {
|
||||
return directives.scriptSrc.indexOf('\'unsafe-inline\'') !== -1
|
||||
}
|
||||
|
||||
function addInlineScriptExceptions (directives) {
|
||||
directives.scriptSrc.push(getCspNonce)
|
||||
// TODO: This is the SHA-256 hash of the inline script in build/reveal.js/plugins/notes/notes.html
|
||||
|
@ -91,7 +87,7 @@ function addInlineScriptExceptions (directives) {
|
|||
}
|
||||
|
||||
function getCspNonce (req, res) {
|
||||
return "'nonce-" + res.locals.nonce + "'"
|
||||
return '\'nonce-' + res.locals.nonce + '\''
|
||||
}
|
||||
|
||||
function addUpgradeUnsafeRequestsOptionTo (directives) {
|
||||
|
|
Loading…
Reference in a new issue