mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-04-05 07:03:29 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'CSP-no-inline' into dev

Browse Source
This commit is contained in:
Alexandre Alapetite
2016-02-17 01:18:23 +01:00
parent 567a0cea80 8cdf44c87b
commit e0fe98d74f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/FreshRSS.php
View File

@@ -168,7 +168,7 @@ class FreshRSS extends Minz_FrontController {
}
public static function preLayout() {
header("Content-Security-Policy: default-src 'self'; img-src * data:; media-src *; style-src 'self' 'unsafe-inline'");
header("Content-Security-Policy: default-src 'self'; child-src *; img-src * data:; media-src *; style-src 'self' 'unsafe-inline'");
self::setJavascriptCookie();
}