Commit c0746460 authored by kaniini's avatar kaniini
Browse files

http security: remove form-action from CSP definitions

parent 4ad04325
Pipeline #4502 passed with stages
in 6 minutes and 35 seconds
......@@ -32,7 +32,6 @@ defp csp_string do
"default-src 'none'",
"base-uri 'self'",
"form-action *",
"frame-ancestors 'none'",
"img-src 'self' data: https:",
"media-src 'self' https:",
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment