From 6c02a512382b53ca9d1a00c789dc099576dbd5a5 Mon Sep 17 00:00:00 2001
From: "tristan.champomier" <rooty@rooty.me>
Date: Sun, 12 Sep 2021 06:57:26 +0200
Subject: [PATCH] Removed img-src policy from Content-Security-Policy for now
 or wysiwyg not loading image in area

---
 .htaccess | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.htaccess b/.htaccess
index 22eea70..bb2dc6c 100755
--- a/.htaccess
+++ b/.htaccess
@@ -35,7 +35,8 @@ Options -Indexes
 		Header always set Permissions-Policy "geolocation=(self);midi=(self);microphone=(self);camera=(self);fullscreen=(self);payment=()"
 		
 		Header onsuccess unset Content-Security-Policy
-		Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src https:; font-src https:; form-action https:;"
+# 		Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src https:; font-src https:; form-action https:;"
+		Header always set Content-Security-Policy "script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; font-src https:; form-action https:;"
 
 		SetEnv modHeadersAvailable true
 	</IfModule>