Fix cross-origin integrity (#1871)

See <https://glitch.social/users/bea/updates/434>
7 years ago · 0d83569899
parent 515434ed87
commit 0d83569899
5 changed files with 5 additions and 5 deletions
--- a/app/views/home/index.html.haml
+++ b/app/views/home/index.html.haml
@ -1,6 +1,6 @@
 - content_for :header_tags do
  %script#initial-state{:type => 'application/json'}!= json_escape(render(file: 'home/initial_state', formats: :json))

-  = javascript_include_tag 'application', integrity: true
+  = javascript_include_tag 'application', integrity: true, crossorigin: 'anonymous'

 = react_component 'Mastodon', default_props, class: 'app-holder', prerender: false
--- a/app/views/layouts/admin.html.haml
+++ b/app/views/layouts/admin.html.haml
@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .admin-wrapper
--- a/app/views/layouts/auth.html.haml
+++ b/app/views/layouts/auth.html.haml
@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .container
--- a/app/views/layouts/embedded.html.haml
+++ b/app/views/layouts/embedded.html.haml
@ -3,6 +3,6 @@
  %head
    %meta{:charset => 'utf-8'}/
    = stylesheet_link_tag 'application', media: 'all'
-    = javascript_include_tag 'application_public', integrity: true
+    = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'
  %body.embed
    = yield
--- a/app/views/layouts/public.html.haml
+++ b/app/views/layouts/public.html.haml
@ -1,5 +1,5 @@
 - content_for :header_tags do
-  = javascript_include_tag 'application_public', integrity: true
+  = javascript_include_tag 'application_public', integrity: true, crossorigin: 'anonymous'

 - content_for :content do
  .container= yield