mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-12-24 20:09:31 +00:00
Implemented a Content-Security-Policy which disallows external and inline scripts
This commit is contained in:
Jan Böhmer
parent
89d64b7565
commit
529cf1dff1
2 changed files with 35 additions and 0 deletions
|
|
@ -8,6 +8,12 @@ scan_qr:
|
|||
path: /scan/{type}/{id}
|
||||
controller: App\Controller\ScanController:scanQRCode
|
||||
|
||||
csp_report:
|
||||
path: /csp/report
|
||||
methods: [POST]
|
||||
defaults: { _controller: nelmio_security.csp_reporter_controller::indexAction }
|
||||
|
||||
# Must be last as it matches everything
|
||||
redirector:
|
||||
path: /{url}
|
||||
requirements:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue