Skip to content

Commit

Permalink
nginx: temporarily use unsafe-eval in CSP for Isso
Browse files Browse the repository at this point in the history 
Quite a bummer!
  • Loading branch information
@vincentbernat
vincentbernat committed Apr 17, 2018
1 parent 7c80a65 commit 743c471
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion layout/nginx.j2
View file
Expand Up @@ -6,7 +6,8 @@ add_header "X-Content-Type-Options" "nosniff";
add_header "Strict-Transport-Security" "max-age=31557600; includeSubDomains; preload";
add_header "Content-Security-Policy" "{% filter striptags %}
default-src 'self' blob:;
script-src 'self' blob:
script-src 'self' blob:
'unsafe-eval'
{{ media_url('js/') }};
object-src 'self' {{ media_url('images/') }};
img-src 'self' data:
Expand Down

0 comments on commit 743c471

Please sign in to comment.