]> git.openstreetmap.org Git - rails.git/blobdiff - config/initializers/secure_headers.rb
Merge remote-tracking branch 'upstream/pull/2637'
[rails.git] / config / initializers / secure_headers.rb
index b24eb5c4264250c9f65c5ba5bd27bd91322a670f..78e9fee371f74ec480073aeed2bc146a7f134965 100644 (file)
@@ -7,7 +7,7 @@ csp_policy = {
   :form_action => %w['self'],
   :frame_ancestors => %w['self'],
   :frame_src => %w['self'],
   :form_action => %w['self'],
   :frame_ancestors => %w['self'],
   :frame_src => %w['self'],
-  :img_src => %w['self' data: www.gravatar.com *.wp.com *.tile.openstreetmap.org *.tile.thunderforest.com *.openstreetmap.fr],
+  :img_src => %w['self' data: www.gravatar.com *.wp.com tile.openstreetmap.org *.tile.openstreetmap.org *.tile.thunderforest.com *.openstreetmap.fr],
   :manifest_src => %w['self'],
   :media_src => %w['none'],
   :object_src => %w['self'],
   :manifest_src => %w['self'],
   :media_src => %w['none'],
   :object_src => %w['self'],