diff options
| author | James Taylor <user234683@users.noreply.github.com> | 2020-10-19 13:31:32 -0700 |
|---|---|---|
| committer | James Taylor <user234683@users.noreply.github.com> | 2020-10-19 13:33:17 -0700 |
| commit | b35afb7cf6c7640380c650ca60c8150bb743eb4b (patch) | |
| tree | f50b850400194b8d49d922b4c70128d3c05770e8 /youtube/templates/base.html | |
| parent | ef711dad0590b45a70617ab8717d963fc7df831c (diff) | |
| download | yt-local-b35afb7cf6c7640380c650ca60c8150bb743eb4b.tar.lz yt-local-b35afb7cf6c7640380c650ca60c8150bb743eb4b.tar.xz yt-local-b35afb7cf6c7640380c650ca60c8150bb743eb4b.zip | |
Add 'self' directive for img to CSP when proxy_images is off
The default directive has self, but the img directive overrides
that completely. Need this for local image requests such as
subscriptions
closes #31
Diffstat (limited to 'youtube/templates/base.html')
| -rw-r--r-- | youtube/templates/base.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/youtube/templates/base.html b/youtube/templates/base.html index f325f86..379419c 100644 --- a/youtube/templates/base.html +++ b/youtube/templates/base.html @@ -4,7 +4,7 @@ <meta charset="utf-8"> <title>{{ page_title }}</title> <meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline'; media-src 'self' https://*.googlevideo.com; - {{ "img-src https://*.googleusercontent.com https://*.ggpht.com https://*.ytimg.com;" if not settings.proxy_images else "" }}"> + {{ "img-src 'self' https://*.googleusercontent.com https://*.ggpht.com https://*.ytimg.com;" if not settings.proxy_images else "" }}"> <link href="{{ theme_path }}" type="text/css" rel="stylesheet"> <link href="/youtube.com/static/shared.css" type="text/css" rel="stylesheet"> <link href="/youtube.com/static/comments.css" type="text/css" rel="stylesheet"> |