permitir carga remota de imágenes
This commit is contained in:
parent
0473c9fc2e
commit
caaafc50c0
1 changed files with 1 additions and 2 deletions
|
@ -13,9 +13,8 @@ Rails.application.config.content_security_policy do |policy|
|
|||
# Repetimos la default para poder saber cuál es la política en falta
|
||||
policy.script_src :self
|
||||
policy.font_src :self
|
||||
# TODO: Permitimos cargar imágenes remotas?
|
||||
# XXX: Los íconos de Trix se cargan vía data:
|
||||
policy.img_src :self, :data
|
||||
policy.img_src :self, :data, :https
|
||||
# Ya no usamos applets!
|
||||
policy.object_src :none
|
||||
if Rails.env.development?
|
||||
|
|
Loading…
Reference in a new issue