Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Change referrer policy to be controlled by header in web UI (#33214)

Browse source
This commit is contained in:
Eugen Rochko 2024-12-09 23:42:45 +01:00 committed by GitHub
parent 2e35b15b4d
commit 425311e1d9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
35 changed files with 51 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/environments/production.rb
View file

@ -153,7 +153,7 @@ Rails.application.configure do
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '0',
'Referrer-Policy' => 'same-origin',
'Referrer-Policy' => ENV['ALLOW_REFERRER_ORIGIN'] == 'true' ? 'origin' : 'same-origin',
}
# TODO: Remove once devise-two-factor data migration complete