Fix CSP for Safari

It seems Safari expands the HTML imports before applying the CSP. Some links were breaking because of that.
rogervaas · Jun 6, 2019 · 744a850 · 744a850
1 parent f759d4e
commit 744a850
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/server_manager/index.html b/src/server_manager/index.html
@@ -29,7 +29,7 @@
   <script src="server_manager/web_app/main.js"></script>
 
   <!-- TODO: Add Outline servers to connect-src on-demand (in addition to the DigitalOcean API). -->
-  <meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' outline:; connect-src https: 'self'; frame-src https://s3.amazonaws.com/outline-vpn/ ss:">
+  <meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' outline: data:; connect-src https: 'self'; frame-src https://s3.amazonaws.com/outline-vpn/ ss:">
 
   <style>
     body {