Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- before_filter :set_csp
- def set_csp
- csp = "default-src 'self';"
- csp += "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://yandex.st/swfobject;"
- csp += "style-src 'self' 'unsafe-inline';"
- csp += "frame-src 'self' https://www.youtube.com https://video.serials.today http://blackoctopus.cc http://moonwalk.cc"
- response.headers['Content-Security-Policy'] = csp
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement