Fix quoting of 'none' in CSP header

The keyword 'none' must be surrounded by single quotes.
Regression introduced by #2168.
This commit is contained in:
Samantaz Fox 2021-06-20 18:43:00 +02:00 committed by GitHub
parent e6bdcff0dd
commit 5a8825d016
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -187,7 +187,7 @@ before_all do |env|
if env.request.resource.starts_with?("/embed")
frame_ancestors = "'self' http: https:"
else
frame_ancestors = "none"
frame_ancestors = "'none'"
end
# TODO: Remove style-src's 'unsafe-inline', requires to remove all