From 02aa90b6b03e3043a845598c2d1a8d6956e4d01c Mon Sep 17 00:00:00 2001
From: Nikita Chernyi <rakshazi@users.noreply.github.com>
Date: Thu, 28 Jan 2016 01:38:42 +0200
Subject: Added vk.com to allowed iframe domains list

---
 controller/pagecontroller.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'controller')

diff --git a/controller/pagecontroller.php b/controller/pagecontroller.php
index 5c2f07565..fab68b3d9 100644
--- a/controller/pagecontroller.php
+++ b/controller/pagecontroller.php
@@ -82,7 +82,9 @@ class PageController extends Controller {
             ->addAllowedFrameDomain('https://youtube.com')
             ->addAllowedFrameDomain('https://www.youtube.com')
             ->addAllowedFrameDomain('https://player.vimeo.com')
-            ->addAllowedFrameDomain('https://www.player.vimeo.com');
+            ->addAllowedFrameDomain('https://www.player.vimeo.com')
+            ->addAllowedFrameDomain('https://vk.com')
+            ->addAllowedFrameDomain('https://www.vk.com');
         $response->setContentSecurityPolicy($csp);
 
         return $response;
-- 
cgit v1.2.3