rmorawski/standardnotes-app-web
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

frame-src allow data: url

Browse Source
This commit is contained in:
Mo Bitar
2018-09-06 10:57:47 -05:00
parent 1e6aeebb4b
commit 573009cc82
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config/application.rb
View File

@@ -52,7 +52,8 @@ module Neeto
default_src: %w(https: 'self'), default_src: %w(https: 'self'),
base_uri: %w('self'), base_uri: %w('self'),
block_all_mixed_content: false, # see http://www.w3.org/TR/mixed-content/ block_all_mixed_content: false, # see http://www.w3.org/TR/mixed-content/
child_src: ["*"], child_src: ["*", "blob:"],
frame_src: ["*", "blob:"],
connect_src: ["*"], connect_src: ["*"],
font_src: %w(* 'self'), font_src: %w(* 'self'),
form_action: %w('self'), form_action: %w('self'),