From f7e4c3928aba9cb7f5222cb4af67846312bbb435 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sat, 14 Feb 2015 16:11:13 -0500
Subject: Refactoring/simplification of the pull-request about links

---
 app/Controller/Base.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'app/Controller/Base.php')

diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index 2c8b5cde..76a81612 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -141,7 +141,7 @@ abstract class Base
     private function sendHeaders($action)
     {
         // HTTP secure headers
-        $this->response->csp(array('style-src' => "'self' 'unsafe-inline'"));
+        $this->response->csp(array('style-src' => "'self' 'unsafe-inline'", 'img-src' => "'self' data:"));
         $this->response->nosniff();
         $this->response->xss();
 
@@ -201,7 +201,7 @@ abstract class Base
     {
         $project_id = $this->request->getIntegerParam('project_id');
         $task_id = $this->request->getIntegerParam('task_id');
-        
+
         // Allow urls without "project_id"
         if ($task_id > 0 && $project_id === 0) {
             $project_id = $this->taskFinder->getProjectId($task_id);
-- 
cgit v1.2.3