Merge pull request #11858 from owncloud/fix-11064

Allow any outgoing XHR connections
author: Morris Jobke <hey@morrisjobke.de> 2014-10-30 16:19:39 +0100
committer: Morris Jobke <hey@morrisjobke.de> 2014-10-30 16:19:39 +0100
commit: 90e523ead09436c54993ea527a1eec3faad7a0bd (patch)
tree: 077291c8f6f6ba3dfd5415da90ee7b28868376ae /lib
parent: 18f7f582acbb27b5ed873563b5714ed4b493f468 (diff)
parent: b3f881748d968779120aa702142ed47eb66251ba (diff)
download: nextcloud-server-90e523ead09436c54993ea527a1eec3faad7a0bd.tar.gz
nextcloud-server-90e523ead09436c54993ea527a1eec3faad7a0bd.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/private/response.php b/lib/private/response.php
index caa382af776..cf18115111a 100644
--- a/lib/private/response.php
+++ b/lib/private/response.php
@@ -212,7 +212,8 @@ class OC_Response {
 			. 'frame-src *; '
 			. 'img-src *; '
 			. 'font-src \'self\' data:; '
-			. 'media-src *');
+			. 'media-src *; ' 
+			. 'connect-src *');
 		header('Content-Security-Policy:' . $policy);
 
 		// https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag
author	Morris Jobke <hey@morrisjobke.de>	2014-10-30 16:19:39 +0100
committer	Morris Jobke <hey@morrisjobke.de>	2014-10-30 16:19:39 +0100
commit	90e523ead09436c54993ea527a1eec3faad7a0bd (patch)
tree	077291c8f6f6ba3dfd5415da90ee7b28868376ae /lib
parent	18f7f582acbb27b5ed873563b5714ed4b493f468 (diff)
parent	b3f881748d968779120aa702142ed47eb66251ba (diff)
download	nextcloud-server-90e523ead09436c54993ea527a1eec3faad7a0bd.tar.gz nextcloud-server-90e523ead09436c54993ea527a1eec3faad7a0bd.zip