diff options
author | 2024-02-24 20:41:53 +0100 | |
---|---|---|
committer | 2024-02-24 20:41:53 +0100 | |
commit | 833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84 (patch) | |
tree | 3b3e495b5718ae9a8833e1b5f9fa34377a11de8f /subprojects/language-web | |
parent | Merge pull request #53 from kris7t/imports (diff) | |
parent | chore(deps); bump dependencies (diff) | |
download | refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.gz refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.zst refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.zip |
Merge pull request #55 from kris7t/svg-export
Frontend: file management and svg export
Diffstat (limited to 'subprojects/language-web')
-rw-r--r-- | subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java index cc87917f..19eeeff3 100644 --- a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java +++ b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java | |||
@@ -20,8 +20,8 @@ public class SecurityHeadersFilter implements Filter { | |||
20 | // CodeMirror needs inline styles, see e.g., | 20 | // CodeMirror needs inline styles, see e.g., |
21 | // https://discuss.codemirror.net/t/inline-styles-and-content-security-policy/1311/2 | 21 | // https://discuss.codemirror.net/t/inline-styles-and-content-security-policy/1311/2 |
22 | "style-src 'self' 'unsafe-inline'; " + | 22 | "style-src 'self' 'unsafe-inline'; " + |
23 | // Use 'data:' for displaying inline SVG backgrounds. | 23 | // Use 'data:' for displaying inline SVG backgrounds and blob for rendering SVG. |
24 | "img-src 'self' data:; " + | 24 | "img-src 'self' data: blob:; " + |
25 | "font-src 'self'; " + | 25 | "font-src 'self'; " + |
26 | // Fetch data:application/octet-stream;base64 URIs to unpack compressed URL fragments. | 26 | // Fetch data:application/octet-stream;base64 URIs to unpack compressed URL fragments. |
27 | "connect-src 'self' data:; " + | 27 | "connect-src 'self' data:; " + |