From: Mischa POSLAWSKY <perl@shiar.org>
Date: Sun, 17 May 2020 00:40:31 +0000 (+0200)
Subject: edit/page: allow image uploads through easyimage
X-Git-Tag: v5.1~23
X-Git-Url: http://git.shiar.nl/minimedit.git/commitdiff_plain/effb5f39f873af6e83f65ec3bce4c6d6b3a0fac3

edit/page: allow image uploads through easyimage

Fix local files shown as blobs in testing.
---

diff --git a/page.php b/page.php
index f7c8f7d..35a810a 100644
--- a/page.php
+++ b/page.php
@@ -46,7 +46,7 @@ if ($Page->restricted) {
 
 header(sprintf('Content-Security-Policy: %s', implode('; ', [
 	"default-src 'self' 'unsafe-inline' http://cdn.ckeditor.com", # some overrides remain
-	"img-src 'self' data: http://cdn.ckeditor.com", # inline svg (in css)
+	"img-src 'self' data: blob: http://cdn.ckeditor.com", # inline svg (in css)
 	"base-uri 'self'", # only local pages
 	"frame-ancestors 'none'", # prevent malicious embedding
 ])));