(stable) Fix Content-Security-Policy headers on "Email Login" page
8d856af7261c
Actions

Description

(stable) Fix Content-Security-Policy headers on "Email Login" page

Summary:
In D20100, I changed this page from returning a newPage() with a dialog as its content to returning a more modern newDialog().

However, the magic to add stuff to the CSP header is actually only on the newPage() pathway today, so this accidentally dropped the extra "Content-Security-Policy" rule for Google.

Lift the magic up one level so both Dialog and Page responses hit it.

Test Plan:

Configured Recaptcha.
Between D20100 and this patch: got a CSP error on the Email Login page.
After this patch: clicked all the pictures of cars / store fronts.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20163

Details

Provenance

epriestley	Authored on Feb 13 2019, 11:25 PM
epriestley	Pushed on Feb 14 2019, 8:54 PM

Reviewer

amckinley

Differential Revision

D20163: Fix Content-Security-Policy headers on "Email Login" page

Parents

rP9e0a954324e5: (stable) Fix "AphrontRequest->getRequestURI()" for requests with "x[]=1"…

Branches

Unknown

Tags

Unknown

Build Status

Buildable 22012
Build 30067: Run Core Tests

Event Timeline

epriestley committed rP8d856af7261c: (stable) Fix Content-Security-Policy headers on "Email Login" page (authored by epriestley).Feb 14 2019, 8:54 PM

Harbormaster completed building B22012: rP8d856af7261c: (stable) Fix Content-Security-Policy headers on "Email Login" page.Feb 14 2019, 8:56 PM

Changes (2)

Path

Size

src/

aphront/

sink/

AphrontHTTPSink.php

view/

page/

PhabricatorStandardPageView.php

rP8d856af7261c

View Options

src/aphront/sink/AphrontHTTPSink.php