From d939de17df08b7a2ff8302869981f4fc88566cd9 Mon Sep 17 00:00:00 2001
From: Sheogorath
Date: Fri, 30 Mar 2018 16:33:32 +0200
Subject: Fix CSP for disqus and Google Analytics

This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
---
 config.json.example | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'config.json.example')

diff --git a/config.json.example b/config.json.example
index 8d1b6abd..2d9b7714 100644
--- a/config.json.example
+++ b/config.json.example
@@ -27,7 +27,9 @@
             "directives": {
             },
             "upgradeInsecureRequests": "auto"
-            "addDefaults": true
+            "addDefaults": true,
+            "addDisqus": true,
+            "addGoogleAnalytics": true
         },
         "db": {
             "username": "",
-- 
cgit v1.2.3