From d4a9bb3c7e090f5fbea4df596be0c6261b3b4ac3 Mon Sep 17 00:00:00 2001
From: Sheogorath
Date: Thu, 4 Oct 2018 03:02:55 +0200
Subject: Add `data:` URL to CSP and upgrade helmet

Seems like the old version of helmet had a problem with `data:`. This
patch upgrades to the latest version and adds the CSP rule to allow
Google Fonts and the offline version of it, to properly include the
fonts and no longer throw ugly error messages at us.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package.json')

diff --git a/package.json b/package.json
index 6d461225..6a48e903 100644
--- a/package.json
+++ b/package.json
@@ -46,7 +46,7 @@
     "gist-embed": "~2.6.0",
     "graceful-fs": "^4.1.11",
     "handlebars": "^4.0.6",
-    "helmet": "^3.3.0",
+    "helmet": "^3.13.0",
     "highlight.js": "~9.12.0",
     "i18n": "^0.8.3",
     "imgur": "git+https://github.com/hackmdio/node-imgur.git",
-- 
cgit v1.2.3