From effb5f39f873af6e83f65ec3bce4c6d6b3a0fac3 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Sun, 17 May 2020 02:40:31 +0200
Subject: [PATCH] edit/page: allow image uploads through easyimage

Fix local files shown as blobs in testing.
---
 page.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/page.php b/page.php
index f7c8f7d..35a810a 100644
--- a/page.php
+++ b/page.php
@@ -46,7 +46,7 @@ if ($Page->restricted) {
 
 header(sprintf('Content-Security-Policy: %s', implode('; ', [
 	"default-src 'self' 'unsafe-inline' http://cdn.ckeditor.com", # some overrides remain
-	"img-src 'self' data: http://cdn.ckeditor.com", # inline svg (in css)
+	"img-src 'self' data: blob: http://cdn.ckeditor.com", # inline svg (in css)
 	"base-uri 'self'", # only local pages
 	"frame-ancestors 'none'", # prevent malicious embedding
 ])));
-- 
2.30.0