PrivateCoffee/alltube
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Don't restrict forms in CSP (#327)

Browse source
This commit is contained in:
Pierre Rudloff 2020-11-04 23:03:39 +01:00
parent 17422d8485
commit c0b2acf33e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
classes/Middleware/CspMiddleware.php
View file

@ -40,10 +40,10 @@ class CspMiddleware
$csp->addDirective('default-src', [])
->addDirective('font-src', ['self' => true])
->addDirective('style-src', ['self' => true])
->addDirective('form-action', ['self' => true])
->addDirective('manifest-src', ['self' => true])
->addDirective('base-uri', [])
->addDirective('frame-ancestors', [])
->addSource('form-action', '*')
->addSource('img-src', '*');
if ($this->config->debug) {