From 929d33fb22754e8525f3054b321891335b522faa Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 25 May 2016 14:18:41 +0200 Subject: another try on #385 - replace sabres restrictive CSP with what we do in boot.php --- Zotlabs/Storage/Browser.php | 1 + 1 file changed, 1 insertion(+) (limited to 'Zotlabs/Storage/Browser.php') diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index 3556f7f06..f875cbf33 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -256,6 +256,7 @@ class Browser extends DAV\Browser\Plugin { $func($a); } } + $this->server->httpResponse->setHeader('Content-Security-Policy', "script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"); construct_page($a); } -- cgit v1.2.3