Profouzors
/
ProfouzorsLinx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

allow unsafe-inline for style-src for now 

This is used for the upload progress bar. Hopefully we can find a better
solution in the future for this.
This commit is contained in:
mutantmonkey 2015-10-04 15:11:23 -07:00
parent 5e7e96af01
commit e030c07f94
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server.go
View File

@ -135,7 +135,7 @@ func main() {
flag.BoolVar(&Config.remoteUploads, "remoteuploads", false, flag.BoolVar(&Config.remoteUploads, "remoteuploads", false,
"enable remote uploads") "enable remote uploads")
flag.StringVar(&Config.contentSecurityPolicy, "contentSecurityPolicy", flag.StringVar(&Config.contentSecurityPolicy, "contentSecurityPolicy",
"default-src 'self'; img-src 'self' data:; referrer none;", "default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer none;",
"value of default Content-Security-Policy header") "value of default Content-Security-Policy header")
flag.StringVar(&Config.fileContentSecurityPolicy, "fileContentSecurityPolicy", flag.StringVar(&Config.fileContentSecurityPolicy, "fileContentSecurityPolicy",
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; sandbox; referrer none;", "default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; sandbox; referrer none;",