Skip to content

Commit 4c08519

Browse files
waleedlatif1waleedlatif1
committed
fix(csp): revert html preview img-src to data: blob: to preserve connect-src none isolation
1 parent 7a18f1f commit 4c08519

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

apps/sim/app/workspace/[workspaceId]/files/components/file-viewer/preview-panel.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -734,7 +734,7 @@ const HTML_PREVIEW_CSP = [
734734
"default-src 'none'",
735735
"script-src 'unsafe-inline'",
736736
"style-src 'unsafe-inline'",
737-
'img-src https: data: blob:',
737+
'img-src data: blob:',
738738
'font-src data:',
739739
'media-src data: blob:',
740740
"connect-src 'none'",

0 commit comments

Comments
 (0)