diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2019-01-07 13:13:34 +0100 |
---|---|---|
committer | Backportbot <backportbot-noreply@rullzer.com> | 2019-01-07 14:40:23 +0000 |
commit | de30c11cf34141ea32d8f8706189d9190de41b76 (patch) | |
tree | 9d4d9bbe23fa64ff51e0797f82163655a9022aa5 /lib/public | |
parent | d21bc0e314a8376f8a3f180b23c89e599ce44c8f (diff) | |
download | nextcloud-server-de30c11cf34141ea32d8f8706189d9190de41b76.tar.gz nextcloud-server-de30c11cf34141ea32d8f8706189d9190de41b76.zip |
CSP: Allow fonts to be provided in data
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/public')
-rw-r--r-- | lib/public/AppFramework/Http/ContentSecurityPolicy.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php index e9ecf000364..68aa4b5ddb4 100644 --- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php @@ -80,6 +80,7 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { /** @var array Domains from which fonts can be loaded */ protected $allowedFontDomains = [ '\'self\'', + 'data:', ]; /** @var array Domains from which web-workers and nested browsing content can load elements */ protected $allowedChildSrcDomains = []; |