deblan-mirror/thelounge
deblan-mirror/thelounge
1
0
Fork 0
mirror of https://github.com/thelounge/thelounge.git synced 2024-06-13 19:22:18 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2014 from thelounge/yamanickill/2012-css-csp

Browse source 
Allow https css
This commit is contained in:
Pavel Djundik 2018-01-30 14:07:19 +02:00 committed by GitHub
parent 4f5807b8fe 72fafc5b4f
commit 8f2caca6d7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/server.js
View file

@ -228,7 +228,7 @@ function index(req, res, next) {
"default-src 'none'", // default to nothing
"form-action 'none'", // no default-src fallback
"connect-src 'self' ws: wss:", // allow self for polling; websockets
"style-src 'self' 'unsafe-inline'", // allow inline due to use in irc hex colors
"style-src 'self' https: 'unsafe-inline'", // allow inline due to use in irc hex colors
"script-src 'self'", // javascript
"worker-src 'self'", // service worker
"child-src 'self'", // deprecated fall back for workers, Firefox <58, see #1902