Diffstat (limited to 'Bugzilla/CGI.pm')
-rw-r--r-- | Bugzilla/CGI.pm | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index b932116a2..a69bdd278 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -42,6 +42,11 @@ sub DEFAULT_CSP {
 img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ],
 style_src => [ 'self', 'unsafe-inline' ],
 object_src => [ 'none' ],
+ connect_src => [
+ 'self',
+ # This is from extensions/OrangeFactor/web/js/orange_factor.js
+ 'https://treeherder.mozilla.org/api/failurecount/',
+ ],
 form_action => [
 'self',
 # used in template/en/default/search/search-google.html.tmpl
@@ -69,7 +74,7 @@ sub SHOW_BUG_MODAL_CSP {
 connect_src => [
 'self',
 # This is from extensions/OrangeFactor/web/js/orange_factor.js
- 'https://brasstacks.mozilla.com/orangefactor/api/count',
+ 'https://treeherder.mozilla.org/api/failurecount/',
 ],
 frame_src => [ 'self', ],
 worker_src => [ 'none', ],
@@ -590,6 +595,9 @@ sub header {
 "skins/standard/fonts/MaterialIcons-Regular.woff2",
 );
 $headers{'-link'} = join(", ", map { sprintf('</static/v%s/%s>; rel="preload"; as="font"', Bugzilla->VERSION, $_) } @fonts);
+ if (Bugzilla->params->{google_analytics_tracking_id}) {
+ $headers{'-link'} .= ', <https://www.google-analytics.com>; rel="preconnect"; crossorigin';
+ }
 }
 return $self->SUPER::header(%headers) || "";
@@ -684,6 +692,8 @@ sub send_cookie {
 $paramhash{'-secure'} = 1 if lc( $uri->scheme ) eq 'https';
+ $paramhash{'-samesite'} = 'Lax';
+
 push(@{$self->{'Bugzilla_cookie_list'}}, $self->cookie(%paramhash));
 } |
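Review bot: The treeherder entry added to DEFAULT_CSP's connect_src is a literal hard-coded in the core CGI module on behalf of the OrangeFactor extension, and the identical literal is repeated in SHOW_BUG_MODAL_CSP in the following hunk, so the two allowlists will drift apart the next time the endpoint moves, which is exactly what this commit is fixing for the old brasstacks host. Hoist it into one constant, e.g. `use constant ORANGE_FACTOR_API => 'https://treeherder.mozilla.org/api/failurecount/';`, referenced from both policies, or better let the extension contribute its origin through a hook so that disabling the extension also removes the allowlist entry. Note also that CSP source matching ignores the path component once the response is a redirect, so the trailing `/api/failurecount/` restriction only constrains direct responses; if that endpoint can redirect, the effective grant is the whole treeherder origin. DEFAULT_CSP starts before and ends after this hunk.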
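Review bot: The new preconnect `if` block is placed inside an enclosing block whose opening condition lies outside this hunk (the ` }` context line directly below closes it), so the hint is only emitted when that outer condition holds, not whenever `google_analytics_tracking_id` is set; judging by the `@fonts` join it sits next to, that outer condition looks font-related, in which case the GA preconnect silently depends on it. Consider moving the three added lines after the outer `}` so the two concerns are independent, and add a why-comment such as `# Open the GA connection early; the tracking script is only loaded when a tracking id is configured.`. The `header` sub starts and ends outside this hunk.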
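Review bot: `$paramhash{'-samesite'} = 'Lax';` unconditionally overwrites any `-samesite` a caller passed into send_cookie, so no caller can request `Strict` for a sensitive cookie or `None` for one that must survive a cross-site POST such as an external login callback; make it a default instead: `$paramhash{'-samesite'} = 'Lax' unless exists $paramhash{'-samesite'};`. Lax still attaches cookies to top-level GET navigations, so it hardens but does not replace the existing CSRF token checks on state-changing requests, which should stay in place. Whether the attribute is actually emitted depends on the installed CGI.pm: older CGI::Cookie releases drop unrecognised parameters silently rather than failing, so the minimum required CGI version should be checked alongside this change, which I cannot verify from the hunk. The send_cookie sub starts before this hunk.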