git » website.git » commit 6e4f346

fix broken csp

author Thorsten Ortlepp
2024-12-12 23:34:09 UTC
committer Thorsten Ortlepp
2024-12-12 23:34:09 UTC
parent 5507304cdeedb6a09f71da30002612383918d02f
fix broken csp
static/.htaccess +1 -1 
diff --git a/static/.htaccess b/static/.htaccess
index 28b709e..e7cb1dc 100644
--- a/static/.htaccess
+++ b/static/.htaccess
@@ -3,7 +3,7 @@
   Header setifempty X-Frame-Options "DENY"
   Header setifempty X-XSS-Protection "1; mode=block"
   Header setifempty Referrer-Policy "strict-origin"
-  Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
+  Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
   Header setifempty Permissions-Policy "camera=(), microphone=(), geolocation=(), gyroscope=(), magnetometer=(), usb=()"
 </IfModule>