Skip to content

Commit a47ec9b

Browse files
php-coderphp-coder
committed
fix: update hash for CSP after HTMX update
Correction for 7bce642 commit. Fix #1844
1 parent 517b510 commit a47ec9b

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

src/main/java/ru/mystamps/web/support/spring/security/ContentSecurityPolicyHeaderWriter.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -117,7 +117,7 @@ class ContentSecurityPolicyHeaderWriter implements HeaderWriter {
117117

118118
// - 'sha256-bsV...' is required for '.htmx-indicator{opacity:0} ...' inline CSS
119119
private static final String STYLE_HTMX =
120-
" 'sha256-bsV5JivYxvGywDAZ22EZJKBFip65Ng9xoJVLbBg7bdo='";
120+
" 'sha256-faU7yAF8NxuMTNEwVmBz+VcYeIoBQ2EMHW3WaVxCvnk='";
121121

122122
// - 'unsafe-inline' is required by jquery.min.js (that is using code inside of
123123
// event handlers. We can't use hashing algorithms because they aren't supported

src/test/java/ru/mystamps/web/support/spring/security/ContentSecurityPolicyHeaderWriterTest.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,7 @@ public void onSeriesAddImagePageWithLocalResources() {
222222
+ " https://cdn.jsdelivr.net"
223223
+ " 'self'"
224224
+ " 'sha256-DpmxvnMJIlwkpmmAANZYNzmyfnX2PQCBDO4CB2BFjzU='"
225-
+ " 'sha256-bsV5JivYxvGywDAZ22EZJKBFip65Ng9xoJVLbBg7bdo='"
225+
+ " 'sha256-faU7yAF8NxuMTNEwVmBz+VcYeIoBQ2EMHW3WaVxCvnk='"
226226
+ " 'unsafe-hashes'"
227227
)
228228
.contains("connect-src 'self'")
@@ -252,7 +252,7 @@ public void onSeriesAddImagePageWithResourcesFromCdn() {
252252
+ " https://stamps.filezz.ru"
253253
+ " https://maxcdn.bootstrapcdn.com"
254254
+ " 'sha256-DpmxvnMJIlwkpmmAANZYNzmyfnX2PQCBDO4CB2BFjzU='"
255-
+ " 'sha256-bsV5JivYxvGywDAZ22EZJKBFip65Ng9xoJVLbBg7bdo='"
255+
+ " 'sha256-faU7yAF8NxuMTNEwVmBz+VcYeIoBQ2EMHW3WaVxCvnk='"
256256
+ " 'unsafe-hashes'"
257257
)
258258
.contains(

0 commit comments

Comments
 (0)