Commit bdfd2b7f authored by Romain Courteaud's avatar Romain Courteaud

erp5_web_js_style: display data uri image

parent 0c3b0435
content_security_policy = "default-src 'self'"
content_security_policy = "default-src 'self'; img-src 'self' data:"
if no_style_gadget_url:
content_security_policy += "; frame-src 'self' https://www.youtube-nocookie.com/embed/"
......
......@@ -32,7 +32,7 @@
</tr>
<tr>
<td>assertElementPresent</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; script-src 'none'"]</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; img-src 'self' data:; script-src 'none'"]</td>
<td></td>
</tr>
......@@ -54,7 +54,7 @@
</tr>
<tr>
<td>assertElementPresent</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; script-src 'none'"]</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; img-src 'self' data:; script-src 'none'"]</td>
<td></td>
</tr>
......@@ -79,7 +79,7 @@
</tr>
<tr>
<td>assertElementPresent</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; frame-src 'self' https://www.youtube-nocookie.com/embed/"]</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; img-src 'self' data:; frame-src 'self' https://www.youtube-nocookie.com/embed/"]</td>
<td></td>
</tr>
......@@ -101,7 +101,7 @@
</tr>
<tr>
<td>assertElementPresent</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; frame-src 'self' https://www.youtube-nocookie.com/embed/"]</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; img-src 'self' data:; frame-src 'self' https://www.youtube-nocookie.com/embed/"]</td>
<td></td>
</tr>
......@@ -115,7 +115,7 @@
</tr>
<tr>
<td>assertElementPresent</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; script-src 'none'"]</td>
<td>//head/meta[@http-equiv='Content-Security-Policy' and @content="default-src 'self'; img-src 'self' data:; script-src 'none'"]</td>
<td></td>
</tr>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment