From af5f633aa727f36bfca0708aae786d82c2d8760a Mon Sep 17 00:00:00 2001
From: trendschau <trendschau@gmail.com>
Date: Thu, 4 Jan 2024 21:01:40 +0100
Subject: [PATCH] v2.1.0 add data to csp

---
 system/typemill/Middleware/CspHeadersMiddleware.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/typemill/Middleware/CspHeadersMiddleware.php b/system/typemill/Middleware/CspHeadersMiddleware.php
index c0767c1..79a1064 100644
--- a/system/typemill/Middleware/CspHeadersMiddleware.php
+++ b/system/typemill/Middleware/CspHeadersMiddleware.php
@@ -29,7 +29,7 @@ class CspHeadersMiddleware implements MiddlewareInterface
 		# add the custom headers to the response after everything is processed
 		$response = $handler->handle($request);
 
-		$whitelist 	= ["'unsafe-inline'", "'unsafe-eval'", "'self'", "*.youtube-nocookie.com", "*.youtube.com"];
+		$whitelist 	= ["'unsafe-inline'", "'unsafe-eval'", "'self'", "data:", "*.youtube-nocookie.com", "*.youtube.com"];
 
 		$cspdomains = isset($this->settings['cspdomains']) ? trim($this->settings['cspdomains']) : false;