Correct copy paste fail

author: Lukas Reschke <lukas@statuscode.ch> 2013-01-21 20:46:42 +0100
committer: Lukas Reschke <lukas@statuscode.ch> 2013-01-21 20:46:42 +0100
commit: 0c59074eeb4e3e11d2d0423e8745fe7822498d26 (patch)
tree: 9d052a7eb79d277ee38717fb3d30577b52e36ad5 /lib/template.php
parent: 9bc8df36490c76b66812ba30bd0bfea083353c59 (diff)
download: nextcloud-server-0c59074eeb4e3e11d2d0423e8745fe7822498d26.tar.gz
nextcloud-server-0c59074eeb4e3e11d2d0423e8745fe7822498d26.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/template.php b/lib/template.php
index 7ac2b321b33..74d14c563b9 100644
--- a/lib/template.php
+++ b/lib/template.php
@@ -189,7 +189,7 @@ class OC_Template{
 		header('X-Frame-Options: Sameorigin'); // Disallow iFraming from other domains
 		header('X-XSS-Protection: 1; mode=block'); // Enforce browser based XSS filters
 		header('X-Content-Type-Options: nosniff'); // Disable sniffing the content type for IE
-		header('Content-Security-Policy: default-src \'self\'; script-src \'self\' \'unsafe-inline\'; style-src \'self\' \'unsafe-inline\''); // Disallow external ressources + eval()
+		header('Content-Security-Policy: default-src \'self\'; style-src \'self\' \'unsafe-inline\'');
 		header('X-WebKit-CSP: default-src \'self\'; style-src \'self\' \'unsafe-inline\'');
 
 		$this->findTemplate($name);
author	Lukas Reschke <lukas@statuscode.ch>	2013-01-21 20:46:42 +0100
committer	Lukas Reschke <lukas@statuscode.ch>	2013-01-21 20:46:42 +0100
commit	0c59074eeb4e3e11d2d0423e8745fe7822498d26 (patch)
tree	9d052a7eb79d277ee38717fb3d30577b52e36ad5 /lib/template.php
parent	9bc8df36490c76b66812ba30bd0bfea083353c59 (diff)
download	nextcloud-server-0c59074eeb4e3e11d2d0423e8745fe7822498d26.tar.gz nextcloud-server-0c59074eeb4e3e11d2d0423e8745fe7822498d26.zip