Fix form-action CSP directive for external login (#20962)

This commit is contained in:
Claire 2022-11-17 22:59:07 +01:00 committed by GitHub
parent 4ae97a2e4c
commit 48e136605a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -14,6 +14,10 @@ class Auth::SessionsController < Devise::SessionsController
before_action :set_instance_presenter, only: [:new] before_action :set_instance_presenter, only: [:new]
before_action :set_body_classes before_action :set_body_classes
content_security_policy only: :new do |p|
p.form_action(false)
end
def check_suspicious! def check_suspicious!
user = find_user user = find_user
@login_is_suspicious = suspicious_sign_in?(user) unless user.nil? @login_is_suspicious = suspicious_sign_in?(user) unless user.nil?