X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/428e7d6baa28ecb7d06f1f851fdd69ef00249bfb..d3b9987bb863e25fc3175f6848d8a430b17f54c2:/app/controllers/site_controller.rb

diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 353feecef..b0552322e 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -72,7 +72,8 @@ class SiteController < ApplicationController
     if editor == "potlatch" || editor == "potlatch2"
       append_content_security_policy_directives(
         :object_src => %w(*),
-        :plugin_types => %w(application/x-shockwave-flash)
+        :plugin_types => %w(application/x-shockwave-flash),
+        :script_src => %w('unsafe-inline')
       )
     end