summaryrefslogtreecommitdiffstats
path: root/controller/pagecontroller.php
diff options
context:
space:
mode:
Diffstat (limited to 'controller/pagecontroller.php')
-rw-r--r--controller/pagecontroller.php13
1 files changed, 7 insertions, 6 deletions
diff --git a/controller/pagecontroller.php b/controller/pagecontroller.php
index 3b3220598..5768549c6 100644
--- a/controller/pagecontroller.php
+++ b/controller/pagecontroller.php
@@ -72,12 +72,13 @@ class PageController extends Controller {
]);
$csp = new ContentSecurityPolicy();
- $csp->addAllowedImageDomain('*');
- $csp->addAllowedMediaDomain('*');
- $csp->addAllowedFrameDomain('https://youtube.com');
- $csp->addAllowedFrameDomain('https://www.youtube.com');
- $csp->addAllowedFrameDomain('https://player.vimeo.com');
- $csp->addAllowedFrameDomain('https://www.player.vimeo.com');
+ $csp->addAllowedImageDomain('*')
+ ->addAllowedMediaDomain('*')
+ ->addAllowedConnectDomain('*') // chrome breaks on audio elements
+ ->addAllowedFrameDomain('https://youtube.com')
+ ->addAllowedFrameDomain('https://www.youtube.com')
+ ->addAllowedFrameDomain('https://player.vimeo.com')
+ ->addAllowedFrameDomain('https://www.player.vimeo.com');
$response->setContentSecurityPolicy($csp);
return $response;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-08 07:40:03 +0000