Patch by Holger Just. git-svn-id: https://svn.redmine.org/redmine/trunk@22295 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/5.1.0
@@ -321,4 +321,9 @@ class AttachmentsController < ApplicationController | |||
request.raw_post | |||
end | |||
end | |||
def send_file(path, options={}) | |||
headers['content-security-policy'] = "default-src 'none'; style-src 'unsafe-inline'; sandbox" | |||
super | |||
end | |||
end |
@@ -431,6 +431,11 @@ class RepositoriesController < ApplicationController | |||
end | |||
end | |||
def send_file(path, options={}) | |||
headers['content-security-policy'] = "default-src 'none'; style-src 'unsafe-inline'; sandbox" | |||
super | |||
end | |||
def valid_name?(rev) | |||
return true if rev.nil? | |||
return true if REV_PARAM_RE.match?(rev) |