Allow any outgoing XHR connections

Quickfix for https://github.com/owncloud/core/issues/11064
2014-10-30 00:00:40 +01:00 · 2014-10-30 00:00:40 +01:00 · b3f881748d
parent e8703f648d
commit b3f881748d
2 changed files with 3 additions and 2 deletions
--- a/config/config.sample.php
+++ b/config/config.sample.php
@ -831,7 +831,7 @@ $CONFIG = array(
 'custom_csp_policy' =>
 	"default-src 'self'; script-src 'self' 'unsafe-eval'; ".
 	"style-src 'self' 'unsafe-inline'; frame-src *; img-src *; ".
-	"font-src 'self' data:; media-src *",
+	"font-src 'self' data:; media-src *; connect-src *",


 /**
--- a/lib/private/response.php
+++ b/lib/private/response.php
@ -212,7 +212,8 @@ class OC_Response {
 			. 'frame-src *; '
 			. 'img-src *; '
 			. 'font-src \'self\' data:; '
-			. 'media-src *');
+			. 'media-src *; ' 
+			. 'connect-src *');
 		header('Content-Security-Policy:' . $policy);

 		// https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag