http security: fixed scheme for img-src, media-src (!2605) · Merge requests · Pleroma / pleroma

Maksim requested to merge fix/http_secury_plug into develop May 28, 2020

in dev mode ( http protocol) images via proxy don't loads

Refused to load the image '<URL>' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https:".

http security: fixed scheme for img-src, media-src