Change CSP directives to allow data url

This commit is contained in:
Frederic Guillot 2015-08-21 18:18:08 -04:00
parent 8e9ed2f347
commit 9320a32780

View File

@ -48,7 +48,7 @@ Router\before(function($action) {
// HTTP secure headers // HTTP secure headers
Response\csp(array( Response\csp(array(
'media-src' => '*', 'media-src' => '*',
'img-src' => '*', 'img-src' => '* data:',
'frame-src' => Model\Config\get_iframe_whitelist(), 'frame-src' => Model\Config\get_iframe_whitelist(),
'referrer' => 'no-referrer', 'referrer' => 'no-referrer',
)); ));