From 9d203f05ee0f0917a4e3f6aaf72cab602ff672a5 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Tue, 6 Feb 2018 12:12:32 +0100
Subject: oops, also allow 'self' for img-src

---
 etc/nginx/conf.d/talerssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc/nginx/conf.d/talerssl')

diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl
index 3aa9a47..3c33de6 100644
--- a/etc/nginx/conf.d/talerssl
+++ b/etc/nginx/conf.d/talerssl
@@ -10,5 +10,5 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
 add_header X-XSS-Protection "1; mode=block";
 add_header X-Frame-Options "SAMEORIGIN";
 add_header X-Content-Type-Options "nosniff";
-add_header Content-Security-Policy "default-src 'self'; img-src data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://buildbot.taler.net";
+add_header Content-Security-Policy "default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://buildbot.taler.net";
 add_header Referrer-Policy "same-origin";
-- 
cgit v1.2.3