From: icewind1991 <icewind1991@gmail.com>
Date: Wed, 24 Apr 2013 15:17:42 +0000 (-0700)
Subject: Merge pull request #3111 from owncloud/csp-audio
X-Git-Tag: v6.0.0alpha2~863
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3b576c5f779587f8a8f2bf52a2038edbb7e7104f;p=nextcloud-server.git

Merge pull request #3111 from owncloud/csp-audio

Allow loading of external media ressources
---

3b576c5f779587f8a8f2bf52a2038edbb7e7104f
diff --cc config/config.sample.php
index a3b7cbaca46,d85a518634f..72834009201
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@@ -146,12 -146,8 +146,12 @@@ $CONFIG = array
  "remember_login_cookie_lifetime" => 60*60*24*15,
  
  /* Custom CSP policy, changing this will overwrite the standard policy */
- "custom_csp_policy" => "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src *; font-src 'self' data:",
+ "custom_csp_policy" => "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src *; font-src 'self' data:; media-src *",
  
 +/* Enable/disable X-Frame-Restriction */
 +/* HIGH SECURITY RISK IF DISABLED*/
 +"xframe_restriction" => true,
 +	
  /* The directory where the user data is stored, default to data in the owncloud
   * directory. The sqlite database is also stored here, when sqlite is used.
   */