Merge pull request #19426 from owncloud/fix-legacy-CSP-for-images

Whitelist "data:" in legacy CSP headers
author: Thomas Müller <thomas.mueller@tmit.eu> 2015-09-29 13:17:23 +0200
committer: Thomas Müller <thomas.mueller@tmit.eu> 2015-09-29 13:17:23 +0200
commit: 6414b4b51695affb8a2c5effa9685f46551a4fe8 (patch)
tree: 8d79e6ff55d42ab75e30d39fcfd732f07cbe5868
parent: c269f658eb2ab8a69287a36b3bb923ae071a40d0 (diff)
parent: c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52 (diff)
download: nextcloud-server-6414b4b51695affb8a2c5effa9685f46551a4fe8.tar.gz
nextcloud-server-6414b4b51695affb8a2c5effa9685f46551a4fe8.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/response.php b/lib/private/response.php
index f1a429463f2..14ee92972a9 100644
--- a/lib/private/response.php
+++ b/lib/private/response.php
@@ -247,7 +247,7 @@ class OC_Response {
 			. 'script-src \'self\' \'unsafe-eval\'; '
 			. 'style-src \'self\' \'unsafe-inline\'; '
 			. 'frame-src *; '
-			. 'img-src *; '
+			. 'img-src * data:; '
 			. 'font-src \'self\' data:; '
 			. 'media-src *; ' 
 			. 'connect-src *';
author	Thomas Müller <thomas.mueller@tmit.eu>	2015-09-29 13:17:23 +0200
committer	Thomas Müller <thomas.mueller@tmit.eu>	2015-09-29 13:17:23 +0200
commit	6414b4b51695affb8a2c5effa9685f46551a4fe8 (patch)
tree	8d79e6ff55d42ab75e30d39fcfd732f07cbe5868
parent	c269f658eb2ab8a69287a36b3bb923ae071a40d0 (diff)
parent	c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52 (diff)
download	nextcloud-server-6414b4b51695affb8a2c5effa9685f46551a4fe8.tar.gz nextcloud-server-6414b4b51695affb8a2c5effa9685f46551a4fe8.zip