rooty/Qware_core
0
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

Removed img-src policy from Content-Security-Policy for now or wysiwyg not loading image in area

Browse Source
This commit is contained in:
Rooty 2021-09-12 06:57:26 +02:00
parent 666bf18364
commit 6c02a51238
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.htaccess
View File

@ -35,7 +35,8 @@ Options -Indexes
Header always set Permissions-Policy "geolocation=(self);midi=(self);microphone=(self);camera=(self);fullscreen=(self);payment=()"
Header onsuccess unset Content-Security-Policy
Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src https:; font-src https:; form-action https:;"
# Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src https:; font-src https:; form-action https:;"
Header always set Content-Security-Policy "script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; font-src https:; form-action https:;"
SetEnv modHeadersAvailable true
</IfModule>