Skip to content

Commit 0836a94

Browse files
StaberindeZAStaberindeZA
authored
Merge pull request #19505 from mozilla/pay-3303-paypal-csp
fix(next): update form-action csp with paypal
2 parents af6ef24 + 5ff10e8 commit 0836a94

3 files changed

Lines changed: 12 additions & 12 deletions

File tree

apps/payments/next/middleware.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ export function middleware(request: NextRequest) {
5353
font-src 'self';
5454
object-src 'none';
5555
base-uri 'self';
56-
form-action 'self';
56+
form-action 'self' ${PAYPAL_API_URL};
5757
frame-ancestors 'none';
5858
upgrade-insecure-requests;
5959
`;

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@
7474
"@opentelemetry/sdk-trace-base": "^2.0.0",
7575
"@opentelemetry/sdk-trace-node": "^2.0.0",
7676
"@opentelemetry/sdk-trace-web": "^2.0.0",
77-
"@paypal/react-paypal-js": "^8.7.0",
77+
"@paypal/react-paypal-js": "^8.9.1",
7878
"@radix-ui/react-dialog": "^1.1.14",
7979
"@radix-ui/react-form": "^0.1.0",
8080
"@radix-ui/react-tooltip": "^1.1.2",

yarn.lock

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -12516,25 +12516,25 @@ __metadata:
1251612516
languageName: node
1251712517
linkType: hard
1251812518

12519-
"@paypal/paypal-js@npm:^8.1.2":
12520-
version: 8.2.0
12521-
resolution: "@paypal/paypal-js@npm:8.2.0"
12519+
"@paypal/paypal-js@npm:^8.4.0":
12520+
version: 8.4.2
12521+
resolution: "@paypal/paypal-js@npm:8.4.2"
1252212522
dependencies:
1252312523
promise-polyfill: "npm:^8.3.0"
12524-
checksum: 10c0/84cd3ca6db0f8a2f1686a8a78b53fa26429b5660175e49750fc2d68c4324b1a52b367b155a5bd8cd0eaf8aae66832308c491ff5047197bccd510a07e0b72b3c7
12524+
checksum: 10c0/a8764d1d834ed1b7bac75acdd04af923af2b2ea78d059bf90225715b03327d3d228295f0da7c8ea0c6ee06ea498c4ea7a4e13e6e5ce318e2da1cf9160b0ec522
1252512525
languageName: node
1252612526
linkType: hard
1252712527

12528-
"@paypal/react-paypal-js@npm:^8.7.0":
12529-
version: 8.8.3
12530-
resolution: "@paypal/react-paypal-js@npm:8.8.3"
12528+
"@paypal/react-paypal-js@npm:^8.9.1":
12529+
version: 8.9.1
12530+
resolution: "@paypal/react-paypal-js@npm:8.9.1"
1253112531
dependencies:
12532-
"@paypal/paypal-js": "npm:^8.1.2"
12532+
"@paypal/paypal-js": "npm:^8.4.0"
1253312533
"@paypal/sdk-constants": "npm:^1.0.122"
1253412534
peerDependencies:
1253512535
react: ^16.8.0 || ^17 || ^18 || ^19
1253612536
react-dom: ^16.8.0 || ^17 || ^18 || ^19
12537-
checksum: 10c0/3084ac62c2e7c368702a54896b65f23cd1c020cdaad75f26e4c4f19c4b1b9b9956a40d18aa2525727fd4247abaf79963431752c5637a7a4a6f5fb3e47b678636
12537+
checksum: 10c0/965586d4e78ab698b5f68d2f9fdc315d702aeb5f73ee0985ad112fe52eac36d83b163f3f08998c47613ddefd548d733f633632e38ed7f9ed5c3df8b2c15bac7f
1253812538
languageName: node
1253912539
linkType: hard
1254012540

@@ -35159,7 +35159,7 @@ __metadata:
3515935159
"@opentelemetry/sdk-trace-node": "npm:^2.0.0"
3516035160
"@opentelemetry/sdk-trace-web": "npm:^2.0.0"
3516135161
"@opentelemetry/semantic-conventions": "npm:^1.32.0"
35162-
"@paypal/react-paypal-js": "npm:^8.7.0"
35162+
"@paypal/react-paypal-js": "npm:^8.9.1"
3516335163
"@radix-ui/react-dialog": "npm:^1.1.14"
3516435164
"@radix-ui/react-form": "npm:^0.1.0"
3516535165
"@radix-ui/react-tooltip": "npm:^1.1.2"

0 commit comments

Comments
 (0)