diff options
| -rw-r--r-- | config/initializers/secure_headers.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb index 7ac4c7ace8e..075a5fc1876 100644 --- a/config/initializers/secure_headers.rb +++ b/config/initializers/secure_headers.rb @@ -25,7 +25,7 @@ SecureHeaders::Configuration.default do |config| img_src: %w('self' www.gravatar.com secure.gravatar.com), media_src: %w('none'), object_src: %w('none'), - script_src: %w('unsafe-inline' 'unsafe-eval' 'self' maxcdn.bootstrapcdn.com), + script_src: %w('unsafe-inline' 'self' maxcdn.bootstrapcdn.com), style_src: %w('unsafe-inline' 'self'), base_uri: %w('self'), child_src: %w('self'), |