From: Martin Raifer <martin@raifer.tech>
Date: Sun, 26 May 2024 12:26:31 +0000 (+0200)
Subject: allow data URIs for images in iD
X-Git-Tag: live~447^2
X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/4ef6876b32e6c56475c3f4c709c7ce1071c47227?hp=--cc

allow data URIs for images in iD
---

4ef6876b32e6c56475c3f4c709c7ce1071c47227
diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 172be5653..265901bec 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -18,7 +18,7 @@ class SiteController < ApplicationController
 
   content_security_policy(:only => :id) do |policy|
     policy.connect_src("*")
-    policy.img_src("*", :blob)
+    policy.img_src(*policy.img_src, "*", :blob)
     policy.script_src(*policy.script_src, "dev.virtualearth.net", :unsafe_eval)
     policy.style_src(*policy.style_src, :unsafe_inline)
   end