X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d7b4f88d5e342b5c2b4f2435d0394e4286524678..c5ef6404f5782c8305f9d1d25d2c99a545cdd9a1:/app/controllers/site_controller.rb

diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 353feecef..b0552322e 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -72,7 +72,8 @@ class SiteController < ApplicationController
     if editor == "potlatch" || editor == "potlatch2"
       append_content_security_policy_directives(
         :object_src => %w(*),
-        :plugin_types => %w(application/x-shockwave-flash)
+        :plugin_types => %w(application/x-shockwave-flash),
+        :script_src => %w('unsafe-inline')
       )
     end