From 6e4f34651be7b37938ea2fba38ab81e4a67769ec Mon Sep 17 00:00:00 2001 From: Thorsten Ortlepp Date: Fri, 13 Dec 2024 00:34:09 +0100 Subject: fix broken csp --- static/.htaccess | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/static/.htaccess b/static/.htaccess index 28b709e..e7cb1dc 100644 --- a/static/.htaccess +++ b/static/.htaccess @@ -3,7 +3,7 @@ Header setifempty X-Frame-Options "DENY" Header setifempty X-XSS-Protection "1; mode=block" Header setifempty Referrer-Policy "strict-origin" - Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" + Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'" Header setifempty Permissions-Policy "camera=(), microphone=(), geolocation=(), gyroscope=(), magnetometer=(), usb=()" -- cgit v1.2.3