Enable WebAssemblyCSP flag so wasm-eval CSP can be used instead of requiring unsafe-eval (#617)

This commit is contained in:
csett86 2021-07-31 11:41:17 +02:00 committed by GitHub
parent 9569a46f8a
commit 625b8b828f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View File

@ -47,7 +47,7 @@ X-Frame-Options "DENY";
```
A working Content Security Policy looks like that:
```
Content-Security-Policy "img-src 'self' 'unsafe-inline' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'none';";
Content-Security-Policy "img-src 'self' 'unsafe-inline' data:; script-src 'self' 'unsafe-inline' 'wasm-eval'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'none';";
```
## Development

View File

@ -213,7 +213,7 @@ function createJitsiMeetWindow() {
minHeight: 600,
show: false,
webPreferences: {
enableBlinkFeatures: 'RTCInsertableStreams,WebAssemblySimd',
enableBlinkFeatures: 'RTCInsertableStreams,WebAssemblySimd,WebAssemblyCSP',
enableRemoteModule: true,
contextIsolation: false,
nativeWindowOpen: true,