Skip to content

Commit

Permalink
Use nonced_javascript_include tag
Browse files Browse the repository at this point in the history
  • Loading branch information
oliverguenther committed Aug 19, 2024
1 parent 90ead7f commit 8a5d02a
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,11 @@
document.getElementById('submit_captcha').submit();
}
<% end %>
<% elsif recaptcha_settings['captcha_type'] == ::OpenProject::Recaptcha::TYPE_TURNSTILE %>
<% elsif recaptcha_settings['recaptcha_type'] == ::OpenProject::Recaptcha::TYPE_TURNSTILE %>
<% input_name = "turnstile-response" %>
<input type="hidden" name="<%= input_name %>" />
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback" defer></script>
<%= nonced_javascript_include_tag "https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback" %>

<div id="turnstile-container"></div>
<%= nonced_javascript_tag do %>
function submitTurnstileForm(token) {
Expand All @@ -54,7 +54,7 @@
input.value = token;
document.getElementById('submit_captcha').submit();
}

window.onloadTurnstileCallback = function () {
turnstile.render('#turnstile-container', {
sitekey: '<%= recaptcha_settings['website_key'] %>',
Expand Down
2 changes: 1 addition & 1 deletion modules/recaptcha/lib/open_project/recaptcha/engine.rb
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ class Engine < ::Rails::Engine

SecureHeaders::Configuration.named_append(:turnstile) do
value = %w(https://challenges.cloudflare.com)
keys = %i(frame_src script_src style_src connect_src)
keys = %i(frame_src style_src connect_src)

keys.index_with value
end
Expand Down

0 comments on commit 8a5d02a

Please sign in to comment.