From: Dessalines Date: Tue, 22 Nov 2022 21:39:55 +0000 (-0500) Subject: Fix csp header for svgs in firefox. Fixes #869 (#870) X-Git-Url: http://these/git/%22%7Burl%7D/%22https:/image.com/%7B%60%24%7BghostArchiveUrl%7D/%7BimageSrc%7D?a=commitdiff_plain;h=a6c0643428d8b630b0c6007d3b25acb5f185f4a0;p=lemmy-ui.git Fix csp header for svgs in firefox. Fixes #869 (#870) --- diff --git a/src/server/index.tsx b/src/server/index.tsx index 291989f..7d6200e 100644 --- a/src/server/index.tsx +++ b/src/server/index.tsx @@ -32,7 +32,7 @@ if (!process.env["LEMMY_UI_DISABLE_CSP"] && !process.env["LEMMY_UI_DEBUG"]) { server.use(function (_req, res, next) { res.setHeader( "Content-Security-Policy", - `default-src 'none'; connect-src *; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *` + `default-src 'self'; connect-src *; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *` ); next(); });