From 35aa02167c01b7bcfd5d5580bbd9c255aa4351f7 Mon Sep 17 00:00:00 2001
From: Ben Busby <benbusby@protonmail.com>
Date: Mon, 3 May 2021 14:36:00 -0400
Subject: [PATCH 1/2] Clarify how to enable whoogle.env for
 docker/docker-compose

The readme section on enabling whoogle.env needed to be updated to clarify
how it should work for "docker-compose" and "docker build" runs.
---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index cdcb2ad..34b5b1d 100644
--- a/README.md
+++ b/README.md
@@ -237,7 +237,11 @@ Depending on your preferences, you can also deploy the app yourself on your own
   - A bit more experience or willingness to work through issues
 
 ## Environment Variables
-There are a few optional environment variables available for customizing a Whoogle instance. These can be set manually, or copied into `whoogle.env` and enabled by setting `WHOOGLE_DOTENV=1`.
+There are a few optional environment variables available for customizing a Whoogle instance. These can be set manually, or copied into `whoogle.env` and enabled for your preferred deployment method:
+
+- Local runs: Set `WHOOGLE_DOTENV=1` before running
+- With `docker-compose`: Uncomment the `env_file` option
+- With `docker build/run`: Add `--env-file ./whoogle.env` to your command
 
 | Variable           | Description                                                                               |
 | ------------------ | ----------------------------------------------------------------------------------------- |

From a7bf9728e30f53a5cfc3b295b5354dcfbf6440c0 Mon Sep 17 00:00:00 2001
From: Ben Busby <benbusby@protonmail.com>
Date: Wed, 5 May 2021 12:51:11 -0400
Subject: [PATCH 2/2] Allow 'data:' for img src in app CSP

Disallowing base64 images in the app resulted in broken image
placeholders for things like pronunciation guides, business reviews,
etc.
---
 app/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index a6dbd38..3340150 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -51,7 +51,7 @@ app.config['BANG_FILE'] = os.path.join(
     'bangs.json')
 app.config['CSP'] = 'default-src \'none\';' \
                     'manifest-src \'self\';' \
-                    'img-src \'self\';' \
+                    'img-src \'self\' data:;' \
                     'style-src \'self\' \'unsafe-inline\';' \
                     'script-src \'self\';' \
                     'media-src \'self\';' \