summaryrefslogtreecommitdiffstats
path: root/lib/Controller/PageController.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Controller/PageController.php')
-rw-r--r--lib/Controller/PageController.php16
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php
index 96b541de6..7cc11196c 100644
--- a/lib/Controller/PageController.php
+++ b/lib/Controller/PageController.php
@@ -262,6 +262,14 @@ class PageController extends Controller {
$csp = new ContentSecurityPolicy();
$csp->addAllowedConnectDomain('*');
$csp->addAllowedMediaDomain('blob:');
+ $csp->addAllowedWorkerSrcDomain('blob:');
+ $csp->addAllowedWorkerSrcDomain("'self'");
+ $csp->addAllowedChildSrcDomain('blob:');
+ $csp->addAllowedChildSrcDomain("'self'");
+ $csp->addAllowedScriptDomain('blob:');
+ $csp->addAllowedScriptDomain("'self'");
+ $csp->addAllowedConnectDomain('blob:');
+ $csp->addAllowedConnectDomain("'self'");
$csp->addAllowedImageDomain('https://*.tile.openstreetmap.org');
$response->setContentSecurityPolicy($csp);
return $response;
@@ -315,6 +323,14 @@ class PageController extends Controller {
$csp = new ContentSecurityPolicy();
$csp->addAllowedConnectDomain('*');
$csp->addAllowedMediaDomain('blob:');
+ $csp->addAllowedWorkerSrcDomain('blob:');
+ $csp->addAllowedWorkerSrcDomain("'self'");
+ $csp->addAllowedChildSrcDomain('blob:');
+ $csp->addAllowedChildSrcDomain("'self'");
+ $csp->addAllowedScriptDomain('blob:');
+ $csp->addAllowedScriptDomain("'self'");
+ $csp->addAllowedConnectDomain('blob:');
+ $csp->addAllowedConnectDomain("'self'");
$csp->addAllowedImageDomain('https://*.tile.openstreetmap.org');
$response->setContentSecurityPolicy($csp);
return $response;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 15:24:26 +0000