From a23e0947e71240d92c61cfbcc79f20c7a59c4b0c Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@miniflux.net>
Date: Fri, 5 Aug 2016 20:50:48 -0400
Subject: [PATCH] Use CSP directive child-src in addition to frame-src

---
 controllers/common.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/controllers/common.php b/controllers/common.php
index 0384e54..36269a8 100644
--- a/controllers/common.php
+++ b/controllers/common.php
@@ -41,6 +41,7 @@ Router\before(function ($action) {
         'media-src' => '*',
         'img-src' => '* data:',
         'frame-src' => Model\Config\get_iframe_whitelist(),
+        'child-src' => Model\Config\get_iframe_whitelist(),
         'referrer' => 'no-referrer',
     ));