diff options
author | Sheogorath | 2018-12-05 13:14:34 +0100 |
---|---|---|
committer | Sheogorath | 2018-12-05 13:17:14 +0100 |
commit | ecee16bd737b59d93ac0d1633fd8afd6aabca063 (patch) | |
tree | 75cda83082bbd063c791db33d94412e2a895ae23 /public/views/index/head.ejs | |
parent | b40f14f66dd5446c1a2a9b20b3065d5c4726c3a8 (diff) |
Fix disqus CSP
Disqus loads it's embed config.js from its root domain
(https://disqus.com). Our CSPs only allow subdomains (e.g.:
https://codimd.disqus.com). This causes the disqus embedding to fail.
This patch should fix this problem by adding https://disqus.com to the
CSP setting. From a security perspective there is no real change. Since
still the same parties are involved.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to 'public/views/index/head.ejs')
0 files changed, 0 insertions, 0 deletions