Bug #16566: secure headers should allow inline images in css - Foreman

Actions

Copy link

Bug #16566

closed

secure headers should allow inline images in css

Added by Tomer Brisker over 8 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Tomer Brisker

Category:

Web Interface

Target version:

1.14.0

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/3850

Fixed in Releases:

Found in Releases:

Nightly

Red Hat JIRA:

Description

current security headers prevent images from loading images inlined in css, leading to errors such as:

jquery.js?27d9:10220 Refused to load the image 'data:image/gif;base64,R0lGODlhEAAQAPQAAP///wAAAPDw8IqKiuDg4EZGRnp6egAAAFhYW…zsPgMCEAY7Cg04Uk48LAsDhRA8MVQPEF0GAgqYYwSRlycNcWskCkApIyEAOwAAAAAAAAAAAA==' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com".

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Bug #16566

secure headers should allow inline images in css

Updated by The Foreman Bot over 8 years ago

Updated by Tomer Brisker over 8 years ago

Updated by Dominic Cleal over 8 years ago

Updated by Anonymous over 8 years ago

Updated by Daniel Lobato Garcia about 8 years ago