mirror of
https://gitea.phreedom.club/localhost_frssoft/bloat.git
synced 2024-12-24 14:39:48 +00:00
Remove form-action CSP directive
Chrome incorrectly restricts the redirect URL to the sources specified in the form-action value, which prevents the instance oauth page from loading.
This commit is contained in:
parent
597cfc6b1e
commit
f4881e7267
@ -32,7 +32,6 @@ const csp = "default-src 'none';" +
|
||||
" font-src *;" +
|
||||
" child-src *;" +
|
||||
" connect-src 'self';" +
|
||||
" form-action 'self';" +
|
||||
" script-src 'self';" +
|
||||
" style-src 'self'"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user