Homestyx hydra
Diffusion hydra c5772f51dea7

Fix Content-Security-Policy headers on "Email Login" page
c5772f51dea7
Actions

Description

Fix Content-Security-Policy headers on "Email Login" page

Summary:
In D20100, I changed this page from returning a newPage() with a dialog as its content to returning a more modern newDialog().

However, the magic to add stuff to the CSP header is actually only on the newPage() pathway today, so this accidentally dropped the extra "Content-Security-Policy" rule for Google.

Lift the magic up one level so both Dialog and Page responses hit it.

Test Plan:

  • Configured Recaptcha.
  • Between D20100 and this patch: got a CSP error on the Email Login page.
  • After this patch: clicked all the pictures of cars / store fronts.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20163

Details

Provenance
epriestleyAuthored on Feb 13 2019, 6:25 PM
sirocylPushed on Oct 16 2024, 5:49 AM
Parents
R1:889eca1af94e: Allow a DAO object storage namespace to be forced to a particular value
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (2)

PathSize
src/
aphront/
sink/
view/
page/

R1:c5772f51dea7

View Options

src/aphront/sink/AphrontHTTPSink.php

Loading...
View Options

src/view/page/PhabricatorStandardPageView.php

Loading...
styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)