diff options
author | Stefan Giehl <stefan@matomo.org> | 2022-08-18 02:50:58 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-18 02:50:58 +0300 |
commit | 5039b8effa058ef6b65c966d5d2b7cad76c3a523 (patch) | |
tree | 6cff0a00df001a36d09a2450a33fd0c5df256c3f /plugins/CorePluginsAdmin/Controller.php | |
parent | 6a97934c0bf01e1bc2d25b799cb9847c08410229 (diff) |
Fix CSP header when viewing plugin details (#19632)
Diffstat (limited to 'plugins/CorePluginsAdmin/Controller.php')
-rw-r--r-- | plugins/CorePluginsAdmin/Controller.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/CorePluginsAdmin/Controller.php b/plugins/CorePluginsAdmin/Controller.php index 4104e68376..33f0698247 100644 --- a/plugins/CorePluginsAdmin/Controller.php +++ b/plugins/CorePluginsAdmin/Controller.php @@ -205,6 +205,9 @@ class Controller extends Plugin\ControllerAdmin $view = $this->configureView('@CorePluginsAdmin/' . $template); + $this->securityPolicy->addPolicy('img-src', '*.matomo.org'); + $this->securityPolicy->addPolicy('default-src', '*.matomo.org'); + $view->updateNonce = Nonce::getNonce(MarketplaceController::UPDATE_NONCE); $view->activateNonce = Nonce::getNonce(static::ACTIVATE_NONCE); $view->uninstallNonce = Nonce::getNonce(static::UNINSTALL_NONCE); |