github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-01-01 03:20:52 +00:00
Code Issues Projects Releases Packages Wiki Activity
hedgedoc/lib
History
Sheogorath 450262c4ab
Allow embedding of video and audio tags 
Adding mediaSrc to CSP so video and audio files can be embedded without
problems.

From a security perspective it should be fine to load audio and video
data without introducing a high security issue. Only from a privacy
perspective it allows another way to track users if there are data
embedded. But it doesn't introduce any new attack vector as pictures are
also allowed from everywhere.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 20:51:56 +02:00
..
config Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
migrations Add missing migration for permissions 2018-03-06 16:31:41 +01:00
models Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
ot Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
web Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
workers
csp.js Allow embedding of video and audio tags 2018-03-25 20:51:56 +02:00
history.js Improve history migration performance 2018-03-10 16:51:00 +08:00
letter-avatars.js
logger.js
realtime.js Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
response.js Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
utils.js