10dc425e8e
The `'wasm-unsafe-eval'` keyword for the Content Security Policy allows the loading and execution of WebAssembly modules without the need to allow unsafe JavaScript execution via `'unsafe-eval'`. A mapping is added so that the symbol `:wasm_unsafe_evel` can be used for this keyword in the policy configuration in `config/initializers/content_security_policy.rb`.
333 B
333 B
-
Add
:wasm_unsafe_eval
mapping forcontent_security_policy
# Before policy.script_src "'wasm-unsafe-eval'" # After policy.script_src :wasm_unsafe_eval
Joe Haig
Please check 7-2-stable for previous changes.