From 1a47589707f980175e37d7f2415e807d698be5ae Mon Sep 17 00:00:00 2001 From: Timmy Willison Date: Mon, 9 Dec 2024 10:28:24 -0500 Subject: [PATCH] All: enable CSP report header on production sites - disable style tag added in WordPress 6.7 Ref https://github.com/jquery/infrastructure-puppet/issues/54 Closes gh-473 --- plugins/jquery-filters.php | 4 ++++ themes/contribute.jquery.org/functions.php | 2 +- themes/jquery/functions.php | 3 --- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/plugins/jquery-filters.php b/plugins/jquery-filters.php index 734810e3..b7edbda8 100644 --- a/plugins/jquery-filters.php +++ b/plugins/jquery-filters.php @@ -88,6 +88,10 @@ return 1024 * 1024; } ); +// Disable the new image sizes feature. +// It adds a style tag that would require a CSP exception. +add_filter( 'wp_img_tag_add_auto_sizes', '__return_false' ); + // Allow full HTML in term descriptions. add_action( 'init', 'jquery_unfiltered_html_for_term_descriptions' ); add_action( 'set_current_user', 'jquery_unfiltered_html_for_term_descriptions' ); diff --git a/themes/contribute.jquery.org/functions.php b/themes/contribute.jquery.org/functions.php index 3c94ddef..d5b39a4e 100644 --- a/themes/contribute.jquery.org/functions.php +++ b/themes/contribute.jquery.org/functions.php @@ -1,7 +1,7 @@