You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using this package for some time now and it works great! But we are trying to implement a secure content security policy. However, the preview of the images is show as a base64 image. In order to allow to show those we need to add image-src: 'data' to our CSP. The documentation of the CSP marks this as potentially insecure. Is there a way to still have the previews working without allowing this potentially insecure method?
Would be great to hear how other projects use this package in combination with a CSP.
The text was updated successfully, but these errors were encountered:
We are using this package for some time now and it works great! But we are trying to implement a secure content security policy. However, the preview of the images is show as a base64 image. In order to allow to show those we need to add
image-src: 'data'to our CSP. The documentation of the CSP marks this as potentially insecure. Is there a way to still have the previews working without allowing this potentially insecure method?Would be great to hear how other projects use this package in combination with a CSP.
The text was updated successfully, but these errors were encountered: