Fix form-action CSP directive for external login (#20962)
This commit is contained in:
parent
4ae97a2e4c
commit
48e136605a
1 changed files with 4 additions and 0 deletions
|
@ -14,6 +14,10 @@ class Auth::SessionsController < Devise::SessionsController
|
||||||
before_action :set_instance_presenter, only: [:new]
|
before_action :set_instance_presenter, only: [:new]
|
||||||
before_action :set_body_classes
|
before_action :set_body_classes
|
||||||
|
|
||||||
|
content_security_policy only: :new do |p|
|
||||||
|
p.form_action(false)
|
||||||
|
end
|
||||||
|
|
||||||
def check_suspicious!
|
def check_suspicious!
|
||||||
user = find_user
|
user = find_user
|
||||||
@login_is_suspicious = suspicious_sign_in?(user) unless user.nil?
|
@login_is_suspicious = suspicious_sign_in?(user) unless user.nil?
|
||||||
|
|
Loading…
Reference in a new issue