firefox considers style in .svg things "unsafe-inline" settings, so we need a differe...

author Peter Palfrader <peter@palfrader.org>

Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)

committer Peter Palfrader <peter@palfrader.org>

Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)
author Peter Palfrader <peter@palfrader.org>
Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)
committer Peter Palfrader <peter@palfrader.org>
Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)
diff --git a/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb b/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb

index 3cc2400..d15ceb0 100644 (file)
--- a/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb
+++ b/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb
@@ -149,6 +149,9 @@
         RewriteRule ^/source/([a-z0-9-]+)/([a-zA-Z0-9.+:~-]+)$ /${source-map:$1/$2} [L,R,NE]
  
         Header always set Content-Security-Policy "default-src 'self'; media-src 'none'; object-src 'none';"
+       <FilesMatch "\.(svg)$">
+               Header always set Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline';"
+       </FilesMatch>
  </Macro>
  
  <%=
author	Peter Palfrader <peter@palfrader.org>
	Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)