Merge pull request #17818 from vector-im/gsouquet/fix-6162

Enhance security by disallowing CSP object-src rule
2021-06-29 15:33:32 +01:00
parent 6110e3df14 33d05678b4
commit 4ba0e6bdee
1 changed files with 0 additions and 1 deletions
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -35,7 +35,6 @@
        worker-src 'self';
        frame-src * blob: data:;
        form-action 'self';
-        object-src 'self';
        manifest-src 'self';
    ">
    <% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {