msb_52843
/
dalong_mall
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade shopify response Content-Security-Policy

Browse Source
master
ycfxx 3 years ago
parent eb5ed56488
commit 9c10d05462
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
src/main/java/au/com/royalpay/payment/manage/shopify/support/ShopifyRequestInfoInterceptor.java
Unescape View File

@ -21,7 +21,7 @@ public class ShopifyRequestInfoInterceptor extends HandlerInterceptorAdapter {
if (AnnotatedElementUtils.isAnnotated(method, ShopifyEndpoint.class)) { if (AnnotatedElementUtils.isAnnotated(method, ShopifyEndpoint.class)) {
String shop = request.getParameter("shop"); String shop = request.getParameter("shop");
if (StringUtils.isNotBlank(shop)) { if (StringUtils.isNotBlank(shop)) {
response.addHeader("Content-Security-Policy", "frame-ancestors https://" + shop + ".myshopify.com https://admin.shopify.com"); response.addHeader("Content-Security-Policy", "frame-ancestors 'none'");
} }
} }
} }
@ -32,7 +32,7 @@ public class ShopifyRequestInfoInterceptor extends HandlerInterceptorAdapter {
JSONObject body = JSONObject.parseObject(requestBody); JSONObject body = JSONObject.parseObject(requestBody);
String shop = body.getString("shop_domain"); String shop = body.getString("shop_domain");
if (StringUtils.isNotBlank(shop)) { if (StringUtils.isNotBlank(shop)) {
response.addHeader("Content-Security-Policy", "frame-ancestors https://" + shop + ".myshopify.com https://admin.shopify.com"); response.addHeader("Content-Security-Policy", "frame-ancestors 'none'");
} }
} }
} }

Write Preview
Loading…
Cancel
Save