permitir carga remota de imágenes

2020-10-19 12:46:25 -03:00 · 2020-10-19 12:46:25 -03:00 · caaafc50c0
parent 0473c9fc2e
commit caaafc50c0
1 changed files with 1 additions and 2 deletions
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@ -13,9 +13,8 @@ Rails.application.config.content_security_policy do |policy|
  # Repetimos la default para poder saber cuál es la política en falta
  policy.script_src  :self
  policy.font_src    :self
-  # TODO: Permitimos cargar imágenes remotas?
  # XXX: Los íconos de Trix se cargan vía data:
-  policy.img_src     :self, :data
+  policy.img_src     :self, :data, :https
  # Ya no usamos applets!
  policy.object_src  :none
  if Rails.env.development?