From 555dc2266b7aac02ddf203080befc3f64b3db823 Mon Sep 17 00:00:00 2001
From: lazysoundsystem <andyfootner@netscape.net>
Date: Mon, 28 Oct 2024 14:06:11 +0100
Subject: [PATCH] chore: csp restore data: as exception for img-src

Refs: OPS-10754
---
 config/seckit.settings.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/seckit.settings.yml b/config/seckit.settings.yml
index c869d3a..34f4146 100644
--- a/config/seckit.settings.yml
+++ b/config/seckit.settings.yml
@@ -11,7 +11,7 @@ seckit_xss:
     script-src: "'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com https://*.google.com https://*.googletagmanager.com *.google-analytics.com  https://tagmanager.google.com"
     object-src: "'none'"
     style-src: "'self' 'unsafe-inline' https://googletagmanager.com https://tagmanager.google.com fonts.googleapis.com"
-    img-src: "'self' https://*.google-analytics.com https://*.googletagmanager.com gstatic.com https://www.google.com https://google.com"
+    img-src: "'self' data: https://*.google-analytics.com https://*.googletagmanager.com gstatic.com https://www.google.com https://google.com"
     media-src: "'none'"
     frame-src: "'self' https://www.googletagmanager.com"
     frame-ancestors: "'self'"