diff --git a/dev/data/manifest-variants.json b/dev/data/manifest-variants.json index 486e78c0..3f65d86f 100644 --- a/dev/data/manifest-variants.json +++ b/dev/data/manifest-variants.json @@ -71,7 +71,7 @@ "pages": [ "bg/template-renderer.html" ], - "content_security_policy": "sandbox allow-scripts; script-src 'self' 'unsafe-eval'; object-src 'self'" + "content_security_policy": "sandbox allow-scripts; default-src 'self'; script-src 'self' 'unsafe-eval'" }, "permissions": [ "", @@ -103,7 +103,7 @@ "fg/float.html", "bg/template-renderer.html" ], - "content_security_policy": "script-src 'self'; object-src 'self'" + "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline'; media-src *; connect-src *" }, "variants": [ { @@ -146,7 +146,7 @@ { "action": "set", "path": ["content_security_policy"], - "value": "script-src 'self' 'unsafe-eval'; object-src 'self'" + "value": "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; connect-src *" }, { "action": "set", diff --git a/ext/manifest.json b/ext/manifest.json index 89af7011..3695c053 100644 --- a/ext/manifest.json +++ b/ext/manifest.json @@ -70,7 +70,7 @@ "pages": [ "bg/template-renderer.html" ], - "content_security_policy": "sandbox allow-scripts; script-src 'self' 'unsafe-eval'; object-src 'self'" + "content_security_policy": "sandbox allow-scripts; default-src 'self'; script-src 'self' 'unsafe-eval'" }, "permissions": [ "", @@ -102,5 +102,5 @@ "fg/float.html", "bg/template-renderer.html" ], - "content_security_policy": "script-src 'self'; object-src 'self'" + "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline'; media-src *; connect-src *" }