Fix CSP for images for legacy apps

Fixes #19425
author: Olivier Paroz <github@oparoz.com> 2015-09-28 23:21:26 +0200
committer: Olivier Paroz <github@oparoz.com> 2015-09-28 23:21:26 +0200
commit: c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52 (patch)
tree: 9ba3a8d45766be2e98f8ae73e5167d83255f4cd7 /lib
parent: 7fa9f29d7f92ce6e7cab252781a2693e98edc32b (diff)
download: nextcloud-server-c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52.tar.gz
nextcloud-server-c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/response.php b/lib/private/response.php
index f1a429463f2..14ee92972a9 100644
--- a/lib/private/response.php
+++ b/lib/private/response.php
@@ -247,7 +247,7 @@ class OC_Response {
 			. 'script-src \'self\' \'unsafe-eval\'; '
 			. 'style-src \'self\' \'unsafe-inline\'; '
 			. 'frame-src *; '
-			. 'img-src *; '
+			. 'img-src * data:; '
 			. 'font-src \'self\' data:; '
 			. 'media-src *; ' 
 			. 'connect-src *';
author	Olivier Paroz <github@oparoz.com>	2015-09-28 23:21:26 +0200
committer	Olivier Paroz <github@oparoz.com>	2015-09-28 23:21:26 +0200
commit	c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52 (patch)
tree	9ba3a8d45766be2e98f8ae73e5167d83255f4cd7 /lib
parent	7fa9f29d7f92ce6e7cab252781a2693e98edc32b (diff)
download	nextcloud-server-c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52.tar.gz nextcloud-server-c4bac1655db175e9a7bfe6ea9a3415dbd05e7a52.zip