mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-05-14 18:23:52 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add CSP to favicons (#7471)

Browse Source 
E.g. for the case of SVGs
This commit is contained in:
Alexandre Alapetite
2025-04-01 09:27:33 +02:00
committed by GitHub
parent d0b9611319
commit 426e3054c2
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
p/f.php
View File

@@ -48,6 +48,7 @@ if ($ico_mtime == false || $ico_mtime < $txt_mtime || ($ico_mtime < time() - (mt
}
}
header("Content-Security-Policy: default-src 'none'; img-src 'self'; style-src 'self';");
if (!httpConditional($ico_mtime, mt_rand(14, 21) * 86400, 2)) {
$ico_content_type = contentType($ico);
header('Content-Type: ' . $ico_content_type);