diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2015-09-29 14:18:12 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-09-29 14:27:35 +0200 |
| commit | e735a9915cec6a26f7f6d89100fef383c563fd0d (patch) | |
| tree | f9ddbb5ce4f81d319a8c399a38be4f21d16bb58f /lib/public/appframework/http/contentsecuritypolicy.php | |
| parent | c061b3e44b56c5cd89aeb4a6bad4673155e7ee9e (diff) | |
| download | nextcloud-server-e735a9915cec6a26f7f6d89100fef383c563fd0d.tar.gz nextcloud-server-e735a9915cec6a26f7f6d89100fef383c563fd0d.zip | |
Add blob: scheme to default CSP policy
Fixes https://github.com/owncloud/core/issues/19438
Diffstat (limited to 'lib/public/appframework/http/contentsecuritypolicy.php')
| -rw-r--r-- | lib/public/appframework/http/contentsecuritypolicy.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/public/appframework/http/contentsecuritypolicy.php b/lib/public/appframework/http/contentsecuritypolicy.php index ee36f7aac17..07c76f2969c 100644 --- a/lib/public/appframework/http/contentsecuritypolicy.php +++ b/lib/public/appframework/http/contentsecuritypolicy.php @@ -64,6 +64,7 @@ class ContentSecurityPolicy { private $allowedImageDomains = [ '\'self\'', 'data:', + 'blob:', ]; /** @var array Domains to which connections can be done */ private $allowedConnectDomains = [ |