From e1feea851ca0e0a7d34efa79ba641d867a113442 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 1 Sep 2016 15:05:35 +0200 Subject: allow unsafe-inline for styles diff --git a/README b/README index f0cbe29..6554f3b 100644 --- a/README +++ b/README @@ -46,7 +46,7 @@ LDAPTrustedGlobalCert CA_BASE64 /etc/ldap/ldapscert.pem add the following to the virtualhost config: ~~~snip~~~ - Header always set Content-Security-Policy "default-src 'none'; connect-src 'self' wss://import.helsinki.at; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self';" + Header always set Content-Security-Policy "default-src 'none'; connect-src 'self' wss://import.helsinki.at; img-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self';" AssignUserID rduser rivendell -- cgit v0.10.2