couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kxe...@apache.org
Subject chttpd commit: updated refs/heads/master to bdcaad9
Date Mon, 14 Mar 2016 04:18:36 GMT
Repository: couchdb-chttpd
Updated Branches:
  refs/heads/master a0e52bd00 -> bdcaad96c


Backport CSP fix from couchdb-couch

Needed for the ace editor icons
See https://github.com/apache/couchdb-couch/pull/2

This closes #68


Project: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/commit/bdcaad96
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/tree/bdcaad96
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/diff/bdcaad96

Branch: refs/heads/master
Commit: bdcaad96ce7a65f94e901ca9865317ea9f4f1027
Parents: a0e52bd
Author: Robert Kowalski <robertkowalski@apache.org>
Authored: Thu Sep 3 16:10:20 2015 +0200
Committer: Alexander Shorin <kxepal@apache.org>
Committed: Mon Mar 14 07:17:07 2016 +0300

----------------------------------------------------------------------
 src/chttpd_misc.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/bdcaad96/src/chttpd_misc.erl
----------------------------------------------------------------------
diff --git a/src/chttpd_misc.erl b/src/chttpd_misc.erl
index ca0a033..a9c7051 100644
--- a/src/chttpd_misc.erl
+++ b/src/chttpd_misc.erl
@@ -84,7 +84,7 @@ handle_utils_dir_req(Req, _) ->
     send_method_not_allowed(Req, "GET,HEAD").
 
 maybe_add_csp_headers(Headers, "true") ->
-    DefaultValues = "default-src 'self'; img-src 'self'; font-src 'self'; "
+    DefaultValues = "default-src 'self'; img-src 'self' data:; font-src 'self'; "
                     "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';",
     Value = config:get("csp", "header_value", DefaultValues),
     [{"Content-Security-Policy", Value} | Headers];


Mime
View raw message