Project

General

Profile

Actions

Bug #16566

closed

secure headers should allow inline images in css

Added by Tomer Brisker over 8 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

current security headers prevent images from loading images inlined in css, leading to errors such as:

jquery.js?27d9:10220 Refused to load the image 'data:image/gif;base64,R0lGODlhEAAQAPQAAP///wAAAPDw8IqKiuDg4EZGRnp6egAAAFhYW…zsPgMCEAY7Cg04Uk48LAsDhRA8MVQPEF0GAgqYYwSRlycNcWskCkApIyEAOwAAAAAAAAAAAA==' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com".

Related issues 1 (0 open1 closed)

Related to Foreman - Feature #9117: Update to secure_headers 3.xClosedTomer Brisker01/26/2015Actions
Actions

Also available in: Atom PDF