Commit graph

6 commits

Author SHA1 Message Date
Alf Eaton
1be43911b4 Merge pull request #3942 from overleaf/prettier-trailing-comma
Set Prettier's "trailingComma" setting to "es5"

GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alf Eaton
2621a1d5bb Merge pull request #3933 from overleaf/ae-csp-report-percentage
Add CSP_REPORT_PERCENTAGE

GitOrigin-RevId: 4afde0da6e3660c83df8c5c9cd31a3f246e9e572
2021-04-22 02:09:40 +00:00
Alf Eaton
dcd6bd347f Use the full (relative) view path for CSP exclusion (#3916)
GitOrigin-RevId: f6828a447abcc550f0c7dfd0fc6fc72f4b5b1f7e
2021-04-17 02:09:56 +00:00
Alf Eaton
1ebc8a79cb Merge pull request #3495 from overleaf/ae-prettier-2
Upgrade Prettier to v2

GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Alasdair Smith
676b70b2be Merge pull request #3899 from overleaf/ae-csp-report-sample
Add 'report-sample' to script-src CSP directive

GitOrigin-RevId: 1a2c26339e7ef353a89fc264b0f186a1d313e1bc
2021-04-15 02:05:16 +00:00
Alf Eaton
a5637651b5 Add Content-Security-Policy header (#3783)
* Add Content-Security-Policy header
* Add nonce attribute to script tags
* Use source-map for webpack devtool
* Add ng-csp attribute when CSP is enabled
* Allow overriding CSP settings with environment variables
* Hook into render and allow routes to disable the CSP header

GitOrigin-RevId: a873736a3514198165f1b2f1e18d002b65f20d30
2021-03-26 03:04:55 +00:00