TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow sameorigin iframe for help modal

Browse Source 
We may want to remove that
pull/5884/head
Oliver Günther 7 years ago
parent b62f0491aa
commit 33eeb8c0df
No known key found for this signature in database
GPG Key ID: 88872239EB414F99
2 changed files with 2 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      config/initializers/secure_headers.rb
  2. 1
      spec/features/accessibility/work_packages/work_package_query_spec.rb

2
config/initializers/secure_headers.rb
Unescape View File

@ -5,7 +5,7 @@ SecureHeaders::Configuration.default do |config|
} }
# Add "; preload" and submit the site to hstspreload.org for best protection. # Add "; preload" and submit the site to hstspreload.org for best protection.
config.hsts = "max-age=#{20.years.to_i}; includeSubdomains" config.hsts = "max-age=#{20.years.to_i}; includeSubdomains"
config.x_frame_options = "DENY" config.x_frame_options = "SAMEORIGIN"
config.x_content_type_options = "nosniff" config.x_content_type_options = "nosniff"
config.x_xss_protection = "1; mode=block" config.x_xss_protection = "1; mode=block"
config.x_permitted_cross_domain_policies = "none" config.x_permitted_cross_domain_policies = "none"

1
spec/features/accessibility/work_packages/work_package_query_spec.rb
Unescape View File

@ -200,6 +200,7 @@ describe 'Work package index accessibility', type: :feature, selenium: true do
context 'help' do context 'help' do
it 'opens help popup with \'?\'' do it 'opens help popup with \'?\'' do
expect_angular_frontend_initialized
find('body').native.send_keys('?') find('body').native.send_keys('?')
expect(page).to have_selector('.ui-dialog', wait: 20) expect(page).to have_selector('.ui-dialog', wait: 20)
end end

Write Preview
Loading…
Cancel
Save