Change CSP directives to allow data url

2015-08-21 18:18:08 -04:00 · 2015-08-21 18:18:08 -04:00 · 9320a32780
parent 8e9ed2f347
commit 9320a32780
1 changed files with 1 additions and 1 deletions
--- a/controllers/common.php
+++ b/controllers/common.php
@ -48,7 +48,7 @@ Router\before(function($action) {
    // HTTP secure headers
    Response\csp(array(
        'media-src' => '*',
-        'img-src' => '*',
+        'img-src' => '* data:',
        'frame-src' => Model\Config\get_iframe_whitelist(),
        'referrer' => 'no-referrer',
    ));