Fix cross-origin integrity (#1871)

See <https://glitch.social/users/bea/updates/434>

Fix cross-origin integrity (#1871)
0d835698 · Eugen · GitHub · 515434ed · 0d835698 · 0d835698
Commit 0d835698 authored 7 years ago by Eugen Committed by GitHub 7 years ago
--- a/app/views/home/index.html.haml
+++ b/app/views/home/index.html.haml
 - content_for :header_tags do
  %script#initial-state{:type => 'application/json'}!= json_escape(render(file: 'home/initial_state', formats: :json))

-  = javascript_include_tag 'application', integrity: true
+  = javascript_include_tag 'application', integrity: true, crossorigin: 'anonymous'

 = react_component 'Mastodon', default_props, class: 'app-holder', prerender: false
--- a/app/views/layouts/admin.html.haml
+++ b/app/views/layouts/admin.html.haml
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .admin-wrapper

--- a/app/views/layouts/auth.html.haml
+++ b/app/views/layouts/auth.html.haml
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .container

--- a/app/views/layouts/embedded.html.haml
+++ b/app/views/layouts/embedded.html.haml
@@ -3,6 +3,6 @@
  %head
    %meta{:charset => 'utf-8'}/
    = stylesheet_link_tag 'application', media: 'all'
-    = javascript_include_tag 'application_public', integrity: true
+    = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
  %body.embed
    = yield
--- a/app/views/layouts/public.html.haml
+++ b/app/views/layouts/public.html.haml
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .container= yield