Allow 'data:' for img src in app CSP
Disallowing base64 images in the app resulted in broken image placeholders for things like pronunciation guides, business reviews, etc.main
parent
35aa02167c
commit
a7bf9728e3
|
@ -51,7 +51,7 @@ app.config['BANG_FILE'] = os.path.join(
|
|||
'bangs.json')
|
||||
app.config['CSP'] = 'default-src \'none\';' \
|
||||
'manifest-src \'self\';' \
|
||||
'img-src \'self\';' \
|
||||
'img-src \'self\' data:;' \
|
||||
'style-src \'self\' \'unsafe-inline\';' \
|
||||
'script-src \'self\';' \
|
||||
'media-src \'self\';' \
|
||||
|
|
Loading…
Reference in New Issue