update floatThead and drop CSP unsafe-inline requirement

jelhan · jelhan · commit e735587c93e8 · 2016-08-23T11:43:58.000+02:00
Closes #90
diff --git a/app/components/poll-evaluation-participants-table.js b/app/components/poll-evaluation-participants-table.js
@@ -8,15 +8,15 @@ export default Ember.Component.extend({
        * adding floatThead jQuery plugin to poll table
        * https://mkoryak.github.io/floatThead/
        *
-       * scrollingTop:
-       *   Offset from the top of the window where the floating header will
+       * top:
+       *   Offset from the top of the `window` where the floating header will
        *   'stick' when scrolling down
        * Since we are adding a browser horizontal scrollbar on top, scrollingTop
        * has to be set to height of horizontal scrollbar which depends on
        * used browser
        */
       Ember.$('.user-selections-table').floatThead({
-        'scrollingTop': this.getScrollbarHeight
+        top: this.getScrollbarHeight
       });
 
       /*
diff --git a/bower.json b/bower.json
@@ -8,7 +8,7 @@
     "sjcl": "~1.0.0",
     "bootstrap": "~3.3.5",
     "bootstrap-datepicker": "~1.4.0",
-    "floatThead": "1.2.12",
+    "floatThead": "^1.4.3",
     "jstimezonedetect": "~1.0.5",
     "ember-cli-moment-shim": "~0.2.0",
     "moment-timezone": ">= 0.1.0",
diff --git a/config/environment.js b/config/environment.js
@@ -18,7 +18,7 @@ module.exports = function(environment) {
       'font-src': "'self'",
       'connect-src': "'self'",
       'img-src': "'self'",
-      'style-src': "'self' 'unsafe-inline'",
+      'style-src': "'self'",
       'media-src': "'self'"
     },
 
diff --git a/public/.htaccess b/public/.htaccess
@@ -1,5 +1,5 @@
 # Content Security Policy-Headers
 # you have to enable apache module headers to get them working
-#Header set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline';"
-#Header set X-Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline';"
-#Header set X-Webkit-CSP "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline';"
+#Header set Content-Security-Policy "default-src 'self';"
+#Header set X-Content-Security-Policy "default-src 'self';"
+#Header set X-Webkit-CSP "default-src 'self';"
diff --git a/tests/acceptance/view-evaluation-test.js b/tests/acceptance/view-evaluation-test.js
@@ -243,7 +243,7 @@ test('evaluation is correct for MakeAPoll', function(assert) {
       'has a table showing user selections'
     );
     assert.deepEqual(
-      find('.user-selections-table thead th').map((i, el) => $(el).text().trim()).get(),
+      find('.user-selections-table.floatThead-table thead th').map((i, el) => $(el).text().trim()).get(),
       ['', 'first option', 'second option'],
       'dates are used as table headers'
     );
