Changeset 3998:48e5fe3e4c22 for inc
- Timestamp:
- 06/30/19 16:10:13 (6 years ago)
- Branch:
- default
- Location:
- inc
- Files:
-
- 2 edited
-
admin/lib.dc.page.php (modified) (1 diff)
-
dbschema/upgrade.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
inc/admin/lib.dc.page.php
r3946 r3998 110 110 $csp_prefix . "'self'" . $csp_suffix; 111 111 $csp['script-src'] = $core->blog->settings->system->csp_admin_script ?: 112 $csp_prefix . "'self' 'unsafe- inline' 'unsafe-eval'" . $csp_suffix;112 $csp_prefix . "'self' 'unsafe-eval'" . $csp_suffix; 113 113 $csp['style-src'] = $core->blog->settings->system->csp_admin_style ?: 114 114 $csp_prefix . "'self' 'unsafe-inline'" . $csp_suffix; -
inc/dbschema/upgrade.php
r3896 r3998 671 671 @unlink(DC_ROOT . '/' . $f); 672 672 } 673 674 // Remove unsafe-inline from CSP script directives 675 $strReq = 'UPDATE ' . $core->prefix . 'setting ' . 676 " SET setting_value = REPLACE(setting_value, \"'unsafe-inline'\", '') " . 677 " WHERE setting_id = 'csp_admin_script' " . 678 " AND setting_ns = 'system' "; 679 $core->con->execute($strReq); 673 680 } 674 681
Note: See TracChangeset
for help on using the changeset viewer.