Skip to content

Commit 30a7678

Browse files
author
andreas venizelou
committed
Relax CSP for debit-notes printing
1 parent 5162a15 commit 30a7678

1 file changed

Lines changed: 4 additions & 1 deletion

File tree

Protest/Http/Listener.cs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -277,7 +277,10 @@ private async Task ListenerCallback(HttpListenerContext ctx) {
277277

278278
ctx.Response.AddHeader("X-Frame-Options", "DENY");
279279
ctx.Response.AddHeader("X-Content-Type-Options", "nosniff");
280-
ctx.Response.AddHeader("Content-Security-Policy", "default-src 'self'; img-src 'self' data:");
280+
281+
//ctx.Response.AddHeader("Content-Security-Policy", "default-src 'self'; img-src 'self' data:");
282+
//relaxed policy for debit-notes printing
283+
ctx.Response.AddHeader("Content-Security-Policy", "default-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'");
281284

282285
if (await CacheHandler(ctx, path)) return;
283286

0 commit comments

Comments
 (0)