dc.ckeditor.behaviors.php

Timestamp:

06/28/19 13:00:12 (6 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Set specific CSP for CKEditor 4.x

File:

plugins/dcCKEditor/inc/dc.ckeditor.behaviors.php

-                      r3977
+                      r3988
         return self::$tagsContext;
+    }
+    public static function adminPageHTTPHeaderCSP($csp)
+    {
+        return;
+        // add 'unsafe-inline' for CSS, add 'unsafe-eval' for scripts as far as CKEditor 4.x is used
+        $csp['style-src'] .= " 'unsafe-inline'";
+        $csp['script-src'] .= " 'unsafe-inline' 'unsafe-eval'";
+    }
+}

Note: See TracChangeset for help on using the changeset viewer.