Update content-security-policy to be more explicit (#1109)

author: toasted-nutbread <toasted-nutbread@users.noreply.github.com> 2020-12-13 13:56:45 -0500
committer: GitHub <noreply@github.com> 2020-12-13 13:56:45 -0500
commit: 05e213674c794d55a05acc61cb24ed9642ccc1db (patch)
tree: cf245004fb2f47da6d2720bd470880b3c9eed713 /ext/manifest.json
parent: dabe5fa8994de1f93acd41a29bd168f485a98e29 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/manifest.json b/ext/manifest.json
index 89af7011..3695c053 100644
--- a/ext/manifest.json
+++ b/ext/manifest.json
@@ -70,7 +70,7 @@
         "pages": [
             "bg/template-renderer.html"
         ],
-        "content_security_policy": "sandbox allow-scripts; script-src 'self' 'unsafe-eval'; object-src 'self'"
+        "content_security_policy": "sandbox allow-scripts; default-src 'self'; script-src 'self' 'unsafe-eval'"
     },
     "permissions": [
         "<all_urls>",
@@ -102,5 +102,5 @@
         "fg/float.html",
         "bg/template-renderer.html"
     ],
-    "content_security_policy": "script-src 'self'; object-src 'self'"
+    "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline'; media-src *; connect-src *"
 }
author	toasted-nutbread <toasted-nutbread@users.noreply.github.com>	2020-12-13 13:56:45 -0500
committer	GitHub <noreply@github.com>	2020-12-13 13:56:45 -0500
commit	05e213674c794d55a05acc61cb24ed9642ccc1db (patch)
tree	cf245004fb2f47da6d2720bd470880b3c9eed713 /ext/manifest.json
parent	dabe5fa8994de1f93acd41a29bd168f485a98e29 (diff)