modules/web/templates/adblockplus.org.conf.erb - Issue 5649911861215232: Issue 2301 - Fix bogus escaping in previous commit

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Unified Diff: modules/web/templates/adblockplus.org.conf.erb

Issue 5649911861215232: Issue 2301 - Fix bogus escaping in previous commit (Closed)

Patch Set: Created April 16, 2015, 12:19 p.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: modules/web/templates/adblockplus.org.conf.erb

===================================================================

--- a/modules/web/templates/adblockplus.org.conf.erb

+++ b/modules/web/templates/adblockplus.org.conf.erb

@@ -1,16 +1,16 @@

# XSS and clickjacking prevention headers

set $csp_frame "";

{

set $csp_frame "; frame-src www.youtube-nocookie.com;";

}

-add_header Content-Security-Policy "default-src \'self\'; img-src * data:; style-src \'self\' \'unsafe-inline\'; script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' $csp_frame";

+add_header Content-Security-Policy "default-src 'self'; img-src * data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' $csp_frame";

add_header X-Frame-Options "sameorigin";

# User agent sniffing

set $user_agent "";

if ($http_user_agent ~ \bGecko/\d+)

{

set $user_agent "firefox";

@@ -51,17 +51,17 @@ if ($http_user_agent ~ \bYaBrowser/\d+)

{

set $user_agent "yandex-browser";

}

if ($http_user_agent ~ \bMaxthon/\d+)

{

set $user_agent "maxthon";

}

-sub_filter \' id="content" class="\' \' id="content" class="ua-$user_agent \';

+sub_filter ' id="content" class="' ' id="content" class="ua-$user_agent ';

set $index_page "firefox";

if ($user_agent != "")

{

set $index_page $user_agent;

}

# Various redirects

« no previous file with comments | « no previous file | no next file » | no next file with comments »