Commit Graph

23 Commits (e30c9e92913b0e42a0cef1774ce2038bdc8ee2f6)

Author SHA1 Message Date
Cyril Rohr 27564608db Display a security badge with the installation status 6 years ago
Oliver Günther 8d265e4f84
Allow to load rack-mini-profiler with OPENPROJECT_RACK_PROFILER_ENABLED 6 years ago
Oliver Günther 18b9a7c340
Allow proxy IP to differ from localhost 6 years ago
Jens Ulferts 97ad5e0008
reenable previews 6 years ago
Oliver Günther 3fef1f697d
Add spec for code-block macro 6 years ago
Oliver Günther e3903a70e6
Disable unsafe-eval now that we're on AOT 7 years ago
Oliver Günther 68e184f41f
Add resize helper for resizing images 7 years ago
Jens Ulferts 7da9bde5c8
fix angular cli handling in test 7 years ago
Oliver Günther e1e6b7a959
Extract frontend asset helper building 7 years ago
Oliver Günther 02d44331af
Add ws/http connect_src to dev mode only 7 years ago
Roman Roelofsen ec3728ac14 working dev mode 7 years ago
Oliver Günther 5da004491c
Remove https from default-src 7 years ago
Wieland Lindenthal e5fca5fa65 Limit where crowdin can communicate to. 7 years ago
Oliver Günther dd5d9e1a19
Move crowdin CSP into separate helper to override CSP at runtime 7 years ago
Wieland Lindenthal a6f88f552f Add vimeo as allowed frame-src for introductional video (#6227) 7 years ago
Oliver Günther e2d7c7b070
Allow crowdin in-context with CSP, but add opt-out 7 years ago
Oliver Günther 33eeb8c0df
Allow sameorigin iframe for help modal 7 years ago
Oliver Günther 8c477e5860
Fix more project settings related specs 7 years ago
Oliver Günther 07f92b911a
Allow unsafe-eval for Angular JIT 7 years ago
Oliver Günther 06472450c6
Implement CSP with secure_headers gem 7 years ago