summaryrefslogtreecommitdiff
path: root/public/js/lib/editor
diff options
context:
space:
mode:
authorSheogorath2018-03-25 20:50:30 +0200
committerSheogorath2018-03-25 20:51:56 +0200
commit450262c4ab6519fec3943e1d19bd48f78f8a8713 (patch)
tree31feed1dc87874261bcf6c46a31bf871d3393375 /public/js/lib/editor
parent57c47a65dde59d355fba702bc91c63eebcc2533c (diff)
Allow embedding of video and audio tags
Adding mediaSrc to CSP so video and audio files can be embedded without problems. From a security perspective it should be fine to load audio and video data without introducing a high security issue. Only from a privacy perspective it allows another way to track users if there are data embedded. But it doesn't introduce any new attack vector as pictures are also allowed from everywhere. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to 'public/js/lib/editor')
0 files changed, 0 insertions, 0 deletions