From bb90b0ee6e42be748309d56040a4c41add32edc9 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Mon, 4 Feb 2013 18:38:16 +0100
Subject: Allow the loading of local font files embedded via data:

---
 lib/template.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/template.php')

diff --git a/lib/template.php b/lib/template.php
index ebcc2b879c8..be65d14a9f6 100644
--- a/lib/template.php
+++ b/lib/template.php
@@ -192,7 +192,7 @@ class OC_Template{
 
 		// Content Security Policy
 		// If you change the standard policy, please also change it in config.sample.php
-		$policy = OC_Config::getValue('custom_csp_policy',  'default-src \'self\'; script-src \'self\' \'unsafe-eval\'; style-src \'self\' \'unsafe-inline\'; frame-src *; img-src *; font-src *');
+		$policy = OC_Config::getValue('custom_csp_policy',  'default-src \'self\'; script-src \'self\' \'unsafe-eval\'; style-src \'self\' \'unsafe-inline\'; frame-src *; img-src *; font-src data:');
 		header('Content-Security-Policy:'.$policy); // Standard
 		header('X-WebKit-CSP:'.$policy); // Older webkit browsers
 
-- 
cgit v1.2.3