ngskcloud
/
gcgj-dify-1.7.0
16
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow `data:` urls for `img-src` in CSP policies

Browse Source 
This allows browser to display embedded images with `data:` urls.
pull/19723/head
QuantumGhost 11 months ago committed by GitHub
parent dc75a10989
commit 5818e8933a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
web/middleware.ts
Unescape Escape View File

@ -37,7 +37,7 @@ export function middleware(request: NextRequest) {
style-src 'self' 'unsafe-inline' ${scheme_source} ${whiteList};
worker-src 'self' ${scheme_source} ${csp} ${whiteList};
media-src 'self' ${scheme_source} ${csp} ${whiteList};
img-src *;
img-src http: https: data:;
font-src 'self';
object-src 'none';
base-uri 'self';

Write Preview
Loading…
Cancel
Save