X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/40a8e5caf5e5c69d175a90b81528d81d1e4e0964..eac26c9a2ca1a5fa3a85f1196416a7d324ba7663:/app/controllers/site_controller.rb?ds=sidebyside diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb index 353feecef..b0552322e 100644 --- a/app/controllers/site_controller.rb +++ b/app/controllers/site_controller.rb @@ -72,7 +72,8 @@ class SiteController < ApplicationController if editor == "potlatch" || editor == "potlatch2" append_content_security_policy_directives( :object_src => %w(*), - :plugin_types => %w(application/x-shockwave-flash) + :plugin_types => %w(application/x-shockwave-flash), + :script_src => %w('unsafe-inline') ) end