diff options
author | Pedro Pinto Silva <pedro.silva@collabora.com> | 2021-10-13 19:24:12 +0200 |
---|---|---|
committer | Michael Meeks <michael.meeks@collabora.com> | 2021-10-14 19:15:07 +0100 |
commit | 352d1d1f40c96cc76968ec657ad096ee36d7ca72 (patch) | |
tree | 0f498c6500b9933632e636670d7682b0acbf7b96 /wsd | |
parent | Bump package version to 21.06.2.0-1 (diff) | |
download | online-352d1d1f40c96cc76968ec657ad096ee36d7ca72.tar.gz online-352d1d1f40c96cc76968ec657ad096ee36d7ca72.zip |
Allow one more url source for images
cp-21.06.2-0
By adding this img-src to the content-security-policy it
makes possible updating images from a dialog without requiring
updating Collabora Online
Signed-off-by: Pedro Pinto Silva <pedro.silva@collabora.com>
Change-Id: I3ca8934c3e6eb0ee78a36a483f45eaf5649c84d5
Diffstat (limited to 'wsd')
-rw-r--r-- | wsd/FileServer.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/wsd/FileServer.cpp b/wsd/FileServer.cpp index 33357e1375..db2c6e8340 100644 --- a/wsd/FileServer.cpp +++ b/wsd/FileServer.cpp @@ -813,7 +813,7 @@ void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, // Document signing: if endpoint URL is configured, whitelist that for // iframe purposes. std::ostringstream cspOss; - cspOss << "Content-Security-Policy: default-src 'none'; " + cspOss << "Content-Security-Policy: default-src 'none'; img-src 'self' data: https://www.collaboraoffice.com/;" #ifdef ENABLE_FEEDBACK "frame-src 'self' " << FEEDBACK_LOCATION << " blob: " << documentSigningURL << "; " #else |