Commit 01cc93b6 authored by rinpatch's avatar rinpatch

Merge branch 'img-src-blob' into 'develop'

Let blob: pass CSP

See merge request pleroma/pleroma!2427
parents dbc4791d 1bd9749a
......@@ -36,7 +36,7 @@ content-security-policy:
default-src 'none';
base-uri 'self';
frame-ancestors 'none';
img-src 'self' data: https:;
img-src 'self' data: blob: https:;
media-src 'self' https:;
style-src 'self' 'unsafe-inline';
font-src 'self';
......
......@@ -75,7 +75,7 @@ defp csp_string do
"default-src 'none'",
"base-uri 'self'",
"frame-ancestors 'none'",
"img-src 'self' data: https:",
"img-src 'self' data: blob: https:",
"media-src 'self' https:",
"style-src 'self' 'unsafe-inline'",
"font-src 'self'",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment