Merge branch 'connect-src' into 'develop'

Add blob: to connect-src CSP, fixes #1827 Closes #1827 See merge request pleroma/pleroma!2608
author: rinpatch <rinpatch@sdf.org> 2020-05-29 19:26:54 +0000
committer: rinpatch <rinpatch@sdf.org> 2020-05-29 19:26:54 +0000
commit: 660d49227b951185d9218b787de70cc14f217417 (patch)
tree: 3f4a282d2c15d824af428a3db31cd47d9de14518 /lib
parent: 219d2b3146ee72abc0bb8bd163c0ddcd986988fc (diff)
parent: d38f28870e7ba1c8c1b315d52e68a83fb1a68b6d (diff)
download: pleroma-660d49227b951185d9218b787de70cc14f217417.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex
index 2208d1d6c..41e3a31f4 100644
--- a/lib/pleroma/plugs/http_security_plug.ex
+++ b/lib/pleroma/plugs/http_security_plug.ex
@@ -78,7 +78,7 @@ defmodule Pleroma.Plugs.HTTPSecurityPlug do
         {img_src, media_src}
       end
 
-    connect_src = ["connect-src 'self' ", static_url, ?\s, websocket_url]
+    connect_src = ["connect-src 'self' blob: ", static_url, ?\s, websocket_url]
 
     connect_src =
       if Pleroma.Config.get(:env) == :dev do
author	rinpatch <rinpatch@sdf.org>	2020-05-29 19:26:54 +0000
committer	rinpatch <rinpatch@sdf.org>	2020-05-29 19:26:54 +0000
commit	660d49227b951185d9218b787de70cc14f217417 (patch)
tree	3f4a282d2c15d824af428a3db31cd47d9de14518 /lib
parent	219d2b3146ee72abc0bb8bd163c0ddcd986988fc (diff)
parent	d38f28870e7ba1c8c1b315d52e68a83fb1a68b6d (diff)
download	pleroma-660d49227b951185d9218b787de70cc14f217417.tar.gz