diff options
Diffstat (limited to 'src/lib.rs')
| -rw-r--r-- | src/lib.rs | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/lib.rs b/src/lib.rs index b12bdfc..cf81dc9 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -384,6 +384,7 @@ where "style-src 'self';", // Only use styles we serve. "base-uri 'none';", // Do not allow to change the base URI. "object-src 'none';", // Do not allow to embed objects (Flash/ActiveX). + "connect-src 'self';", // Allow sending data back to us. (WHY IS THIS A THING OMG) // Allow embedding the Bandcamp player for jam posts. // TODO: perhaps make this policy customizable?… "frame-src 'self' https://bandcamp.com/EmbeddedPlayer/;" |