Let blob: pass CSP
This commit is contained in:
parent
78391a00c5
commit
6e0b046771
@ -36,7 +36,7 @@ content-security-policy:
|
||||
default-src 'none';
|
||||
base-uri 'self';
|
||||
frame-ancestors 'none';
|
||||
img-src 'self' data: https:;
|
||||
img-src 'self' data: blob: https:;
|
||||
media-src 'self' https:;
|
||||
style-src 'self' 'unsafe-inline';
|
||||
font-src 'self';
|
||||
|
@ -75,7 +75,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
|
||||
"default-src 'none'",
|
||||
"base-uri 'self'",
|
||||
"frame-ancestors 'none'",
|
||||
"img-src 'self' data: https:",
|
||||
"img-src 'self' data: blob: https:",
|
||||
"media-src 'self' https:",
|
||||
"style-src 'self' 'unsafe-inline'",
|
||||
"font-src 'self'",
|
||||
|
Loading…
Reference in New Issue
Block a user