1
0
mirror of https://github.com/moparisthebest/mail synced 2024-11-26 19:02:20 -05:00

Add CSP warning in index.html

This commit is contained in:
Tankred Hase 2014-08-08 14:56:24 +02:00
parent e8ba6e8572
commit 22246677f5

View File

@ -6,6 +6,10 @@
<!-- Theses CSP rules are used as a fallback in runtimes such as Cordova --> <!-- Theses CSP rules are used as a fallback in runtimes such as Cordova -->
<meta http-equiv="Content-Security-Policy" content="default-src 'self' chrome-extension: file: gap:; object-src 'none'; script-src 'self' 'unsafe-eval' chrome-extension: file: gap:; connect-src *; style-src 'self' 'unsafe-inline' chrome-extension: file: gap:; img-src 'self' chrome-extension: file: gap: data:"> <meta http-equiv="Content-Security-Policy" content="default-src 'self' chrome-extension: file: gap:; object-src 'none'; script-src 'self' 'unsafe-eval' chrome-extension: file: gap:; connect-src *; style-src 'self' 'unsafe-inline' chrome-extension: file: gap:; img-src 'self' chrome-extension: file: gap: data:">
<!-- Test CSP with script-src 'unsafe-inline' and warn user -->
<script type="text/javascript">
alert('Warning! Your browser does not support Content-Security-Policy (CSP). If possible please switch to a different browser.');
</script>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0">
<link rel="stylesheet" media="all" href="css/all.min.css" type="text/css"> <link rel="stylesheet" media="all" href="css/all.min.css" type="text/css">