summaryrefslogtreecommitdiffstats
path: root/Bugzilla/CGI.pm
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla/CGI.pm')
-rw-r--r--Bugzilla/CGI.pm8
1 files changed, 4 insertions, 4 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 248ee12cb..ea8d96da8 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -34,9 +34,9 @@ BEGIN {
sub DEFAULT_CSP {
my %policy = (
default_src => [ 'self' ],
- script_src => [ 'self', 'unsafe-inline', 'unsafe-eval' ],
+ script_src => [ 'self', 'unsafe-inline', 'unsafe-eval', 'https://www.google-analytics.com' ],
child_src => [ 'self', ],
- img_src => [ 'self', 'https://secure.gravatar.com' ],
+ img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ],
style_src => [ 'self', 'unsafe-inline' ],
object_src => [ 'none' ],
form_action => [
@@ -61,9 +61,9 @@ sub DEFAULT_CSP {
sub SHOW_BUG_MODAL_CSP {
my ($bug_id) = @_;
my %policy = (
- script_src => ['self', 'nonce', 'unsafe-inline', 'unsafe-eval' ],
+ script_src => ['self', 'nonce', 'unsafe-inline', 'unsafe-eval', 'https://www.google-analytics.com' ],
object_src => [correct_urlbase() . "extensions/BugModal/web/ZeroClipboard/ZeroClipboard.swf"],
- img_src => [ 'self', 'https://secure.gravatar.com' ],
+ img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ],
connect_src => [
'self',
# This is from extensions/OrangeFactor/web/js/orange_factor.js
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-11-13 14:40:58 +0100