Dotclear


Ignore:
Timestamp:
06/30/19 16:10:13 (6 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Message:

Remove unsafe-inline from CSP script-src directive (install/default/upgrade)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • inc/dbschema/upgrade.php

    r3896 r3998  
    671671                @unlink(DC_ROOT . '/' . $f); 
    672672            } 
     673 
     674            // Remove unsafe-inline from CSP script directives 
     675            $strReq = 'UPDATE ' . $core->prefix . 'setting ' . 
     676                " SET setting_value = REPLACE(setting_value, \"'unsafe-inline'\", '') " . 
     677                " WHERE setting_id = 'csp_admin_script' " . 
     678                " AND setting_ns = 'system' "; 
     679            $core->con->execute($strReq); 
    673680        } 
    674681 
Note: See TracChangeset for help on using the changeset viewer.

Sites map