overleaf/services/web/app/views/project/list/front-chat.pug at 7a36373a0f840c96508c2c4af644620ab78a04f5 - github/overleaf - Brandon Rozek's Git Repositories

github/overleaf

mirror of https://github.com/overleaf/overleaf.git synced 2024-10-31 21:21:03 -04:00

Alf Eaton a5637651b5 Add Content-Security-Policy header (#3783 )

* Add Content-Security-Policy header
* Add nonce attribute to script tags
* Use source-map for webpack devtool
* Add ng-csp attribute when CSP is enabled
* Allow overriding CSP settings with environment variables
* Hook into render and allow routes to disable the CSP header

GitOrigin-RevId: a873736a3514198165f1b2f1e18d002b65f20d30

2021-03-26 03:04:55 +00:00

4 lines

232 B

Text

Raw Blame History

 if (frontChatWidgetRoomId)
 	script(type="text/javascript", nonce=scriptNonce).
 		window.FCSP = '#{frontChatWidgetRoomId}';
 	script(type="text/javascript", nonce=scriptNonce, src="https://chat-assets.frontapp.com/v1/chat.bundle.js")