Skip to content
This repository has been archived by the owner on May 8, 2024. It is now read-only.

Commit

Permalink
Set correct media-src in CSP
Browse files Browse the repository at this point in the history
  • Loading branch information
@Jamie0
Jamie0 committed Dec 3, 2017
1 parent a109393 commit df0a895
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions src/public/index.html.ejs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta http-equiv="Content-Security-Policy" content="default-src * data: blob:; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src *; connect-src ws://webapi.insanityradio.com wss://webapi.insanityradio.com http://localhost:8080 ws://localhost:8080 http://stream.cor.insanityradio.com https://stream.cor.insanityradio.com https://scdn.insanityradio.com http://scdn.insanityradio.com">
<meta http-equiv="Content-Security-Policy" content="default-src * data: blob:; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src * blob: data:; connect-src ws://webapi.insanityradio.com wss://webapi.insanityradio.com http://localhost:8080 ws://localhost:8080 http://stream.cor.insanityradio.com https://stream.cor.insanityradio.com https://scdn.insanityradio.com http://scdn.insanityradio.com">

<script type="text/javascript">
Expand All @@ -35,4 +35,4 @@
<body>
<app></app>
</body>
</html>
</html>
4 changes: 2 additions & 2 deletions www/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!DOCTYPE html> <html> <head> <title>Listen | Insanity Radio 103.2FM</title> <meta property="og:title" content="Listen to Insanity"> <meta property="og:type" content="music.radio_station"> <meta property="og:music:creator" content="Insanity Radio 103.2FM"> <meta property="og:image" content="https://insanityradio.com/res/og_listen.png"> <meta property="og:image:height" content="768"> <meta property="og:site_name" content="Insanity Radio 103.2FM"> <meta property="og:url" content="http://insanityradio.com/listen/"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"> <meta name="apple-mobile-web-app-capable" content="yes"> <meta http-equiv="Content-Security-Policy" content="default-src * data: blob:; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src *; connect-src ws://webapi.insanityradio.com wss://webapi.insanityradio.com http://localhost:8080 ws://localhost:8080 http://stream.cor.insanityradio.com https://stream.cor.insanityradio.com https://scdn.insanityradio.com http://scdn.insanityradio.com"> <script type="text/javascript"> // Not supported on any version of IE currently. Fall back to classic
<!DOCTYPE html> <html> <head> <title>Listen | Insanity Radio 103.2FM</title> <meta property="og:title" content="Listen to Insanity"> <meta property="og:type" content="music.radio_station"> <meta property="og:music:creator" content="Insanity Radio 103.2FM"> <meta property="og:image" content="https://insanityradio.com/res/og_listen.png"> <meta property="og:image:height" content="768"> <meta property="og:site_name" content="Insanity Radio 103.2FM"> <meta property="og:url" content="http://insanityradio.com/listen/"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"> <meta name="apple-mobile-web-app-capable" content="yes"> <meta http-equiv="Content-Security-Policy" content="default-src * data: blob:; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src * data: blob:; connect-src ws://webapi.insanityradio.com wss://webapi.insanityradio.com http://localhost:8080 ws://localhost:8080 http://stream.cor.insanityradio.com https://stream.cor.insanityradio.com https://scdn.insanityradio.com http://scdn.insanityradio.com"> <script type="text/javascript"> // Not supported on any version of IE currently. Fall back to classic
if(navigator.userAgent.indexOf("Trident") > -1 || navigator.userAgent.indexOf("MSIE") > -1) {
location.href = '/listen/classic/';
} </script> <script type="text/javascript" src="components/loader.js"></script> <link rel="stylesheet" type="text/css" href="components/loader.css"> <link href="app.css" rel="stylesheet"></head> <body> <app></app> <script type="text/javascript" src="polyfills.bundle.js"></script><script type="text/javascript" src="vendor.bundle.js"></script><script type="text/javascript" src="app.bundle.js"></script></body> </html>
} </script> <script type="text/javascript" src="components/loader.js"></script> <link rel="stylesheet" type="text/css" href="components/loader.css"> <link href="app.css" rel="stylesheet"></head> <body> <app></app> <script type="text/javascript" src="polyfills.bundle.js"></script><script type="text/javascript" src="vendor.bundle.js"></script><script type="text/javascript" src="app.bundle.js"></script></body> </html>

0 comments on commit df0a895

Please sign in to comment.