Skip to content

Commit

Permalink
Remove duplicate link. Tweak comment
Browse files Browse the repository at this point in the history
  • Loading branch information
@d7415
d7415 committed May 22, 2023
1 parent 88aacd7 commit bf28628
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions app/Providers/AppServiceProvider.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,12 +115,11 @@ public function boot()
*/
LogViewer::auth(function ($request) {
// We must disable unsafe-eval because vue3 used by log-viewer requires it.
// We must disable unsafe-inline because log-viewer uses inline script with parameter to boot.
// We must disable unsafe-inline (and hashes) because log-viewer uses inline script with parameter to boot.
// Those parameters are not know by Lychee if someone modifies the config.
// We only do that in that specific case. It is disabled by default otherwise.
config(['secure-headers.csp.script-src.unsafe-eval' => true]);
config(['secure-headers.csp.script-src.unsafe-inline' => true]);
config(['secure-headers.csp.script-src.unsafe-inline' => true]);
config(['secure-headers.csp.script-src.hashes.sha256' => []]);

// Allow to bypass when debug is ON and when env is dev
Expand Down

0 comments on commit bf28628

Please sign in to comment.