We have `allow_thirdparty_images` policy on some pages that sets `img-src` policy to `*`. But `*` does not include data uris. That causes some of the ui elements to disappear.
For example, on `/account/edit` there's no dropdown icon:  After this fix:  You can view, comment on, or merge this pull request online at: https://github.com/openstreetmap/openstreetmap-website/pull/5378 -- Commit Summary -- * Include data: when using allow_thirdparty_images CSP -- File Changes -- M app/controllers/application_controller.rb (2) -- Patch Links -- https://github.com/openstreetmap/openstreetmap-website/pull/5378.patch https://github.com/openstreetmap/openstreetmap-website/pull/5378.diff -- Reply to this email directly or view it on GitHub: https://github.com/openstreetmap/openstreetmap-website/pull/5378 You are receiving this because you are subscribed to this thread. Message ID: <openstreetmap/openstreetmap-website/pull/5...@github.com>
_______________________________________________ rails-dev mailing list rails-dev@openstreetmap.org https://lists.openstreetmap.org/listinfo/rails-dev
