From f5fbd14a149fdb7cf39458441c4168b9592ccfe1 Mon Sep 17 00:00:00 2001
From: Ben Busby <benbusby@protonmail.com>
Date: Wed, 5 May 2021 12:51:11 -0400
Subject: [PATCH] Allow 'data:' for img src in app CSP

Disallowing base64 images in the app resulted in broken image
placeholders for things like pronunciation guides, business reviews,
etc.
---
 app/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index 164b8e9..7147019 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -50,7 +50,7 @@ app.config['BANG_FILE'] = os.path.join(
     'bangs.json')
 app.config['CSP'] = 'default-src \'none\';' \
                     'manifest-src \'self\';' \
-                    'img-src \'self\';' \
+                    'img-src \'self\' data:;' \
                     'style-src \'self\' \'unsafe-inline\';' \
                     'script-src \'self\';' \
                     'media-src \'self\';' \