856fca8289
- Configurable via 'ALLOWED_IFRAME_SOURCES' .env option. - Also updated how CSP rules are set, with a single header being used instead of many. - Also applied CSP rules to HTML export outputs. - Updated tests to cover. For #3314
19 lines
No EOL
508 B
PHP
19 lines
No EOL
508 B
PHP
<!doctype html>
|
|
<html lang="{{ config('app.lang') }}">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
|
|
<title>@yield('title')</title>
|
|
|
|
@if($cspContent ?? false)
|
|
<meta http-equiv="Content-Security-Policy" content="{{ $cspContent }}">
|
|
@endif
|
|
|
|
@include('common.export-styles', ['format' => $format, 'engine' => $engine ?? ''])
|
|
@include('common.export-custom-head')
|
|
</head>
|
|
<body>
|
|
<div class="page-content">
|
|
@yield('content')
|
|
</div>
|
|
</body>
|
|
</html> |