Merge pull request #1712 from tenpura-shrimp/bumpvideojs
Bump videojs and fix webworker
This commit is contained in:
commit
82da5cfd01
5 changed files with 17 additions and 16 deletions
2
assets/css/video-js.min.css
vendored
2
assets/css/video-js.min.css
vendored
File diff suppressed because one or more lines are too long
|
@ -1,3 +0,0 @@
|
|||
// Disable Web Workers. Fixes Video.js CSP violation (created by `new Worker(objURL)`):
|
||||
// Refused to create a worker from 'blob:http://host/id' because it violates the following Content Security Policy directive: "worker-src 'self'".
|
||||
window.Worker = undefined;
|
25
assets/js/video.min.js
vendored
25
assets/js/video.min.js
vendored
File diff suppressed because one or more lines are too long
|
@ -217,7 +217,7 @@ before_all do |env|
|
|||
extra_media_csp += " https://*.youtube.com:443"
|
||||
end
|
||||
# TODO: Remove style-src's 'unsafe-inline', requires to remove all inline styles (<style> [..] </style>, style=" [..] ")
|
||||
env.response.headers["Content-Security-Policy"] = "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; manifest-src 'self'; media-src 'self' blob:#{extra_media_csp}"
|
||||
env.response.headers["Content-Security-Policy"] = "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; manifest-src 'self'; media-src 'self' blob:#{extra_media_csp}; child-src blob:"
|
||||
env.response.headers["Referrer-Policy"] = "same-origin"
|
||||
|
||||
if (Kemal.config.ssl || CONFIG.https_only) && CONFIG.hsts
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
<link rel="stylesheet" href="/css/videojs.markers.min.css?v=<%= ASSET_COMMIT %>">
|
||||
<link rel="stylesheet" href="/css/videojs-share.css?v=<%= ASSET_COMMIT %>">
|
||||
<link rel="stylesheet" href="/css/videojs-vtt-thumbnails.css?v=<%= ASSET_COMMIT %>">
|
||||
<script src="/js/global.js?v=<%= ASSET_COMMIT %>"></script>
|
||||
<script src="/js/video.min.js?v=<%= ASSET_COMMIT %>"></script>
|
||||
<script src="/js/videojs-contrib-quality-levels.min.js?v=<%= ASSET_COMMIT %>"></script>
|
||||
<script src="/js/videojs-http-source-selector.min.js?v=<%= ASSET_COMMIT %>"></script>
|
||||
|
|
Loading…
Reference in a new issue