lib/bullet/rack.rb in bullet-7.1.0 vs lib/bullet/rack.rb in bullet-7.1.1
- old
+ new
@@ -47,10 +47,11 @@
# fix issue if response's body is a Proc
def empty?(response)
# response may be ["Not Found"], ["Move Permanently"], etc, but
# those should not happen if the status is 200
return true if !response.respond_to?(:body) && !response.respond_to?(:first)
+
body = response_body(response)
body.nil? || body.empty?
end
def append_to_html_body(response_body, content)
@@ -133,10 +134,11 @@
"<script type='text/javascript'>#{script}</script>"
end
end
def with_security_policy_nonce(headers)
- matched = (headers['Content-Security-Policy'] || '').match(NONCE_MATCHER)
+ csp = headers['Content-Security-Policy'] || headers['Content-Security-Policy-Report-Only'] || ''
+ matched = csp.match(NONCE_MATCHER)
nonce = matched[:nonce] if matched
if nonce
console_enabled = UniformNotifier.console
alert_enabled = UniformNotifier.alert
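Review bot: In `with_security_policy_nonce`, the `||` chain on the new `csp =` line chooses a header before any nonce is looked for, so an enforcing `Content-Security-Policy` that is present but carries no nonce (or is an empty string, which is truthy in Ruby) hides a nonce in `Content-Security-Policy-Report-Only`. The injected script would then presumably go out without a nonce and the report-only policy would log a violation for it, which looks like the case this change is meant to cover. Matching each header in turn avoids that: `matched = [headers['Content-Security-Policy'], headers['Content-Security-Policy-Report-Only']].compact.map { |v| v.match(NONCE_MATCHER) }.compact.first`. Both lookups also use mixed-case string keys, so if `headers` can be a plain Hash with lowercase names (as Rack 3 requires) neither header is found; that is worth confirming against the caller. The method body continues past the end of the hunk, so the handling of a nil `nonce` is not visible here.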