Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow CSP reports to be sent when header isn't set by Discourse (#6594)

This commit is contained in:
Leo McArdle 2018-11-14 21:23:29 +00:00 committed by Kyle Zhao
parent 4bac77800a
commit 7bc121a065
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/csp_reports_controller.rb
View File

@ -30,6 +30,6 @@ class CspReportsController < ApplicationController
end end
def report_collection_enabled? def report_collection_enabled?
ContentSecurityPolicy.enabled? && SiteSetting.content_security_policy_collect_reports SiteSetting.content_security_policy_collect_reports
end end
end end

2
spec/requests/csp_reports_controller_spec.rb
View File

@ -37,7 +37,7 @@ describe CspReportsController do
SiteSetting.content_security_policy_report_only = false SiteSetting.content_security_policy_report_only = false
SiteSetting.content_security_policy_collect_reports = true SiteSetting.content_security_policy_collect_reports = true
send_report send_report
expect(response.status).to eq(404) expect(response.status).to eq(200)
SiteSetting.content_security_policy = true SiteSetting.content_security_policy = true
send_report send_report