fedi/mastodon
1
0
Fork 1
mirror of https://github.com/mastodon/mastodon.git synced 2024-12-15 06:38:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sandbox toot embeds in the embed modal

Browse source 
It should not be necessary thanks to our Content Security Policy, but best
be sure in case a server's CSP is incorrect. Also, avoids a CSP warning about
loading remote scripts.
This commit is contained in:
Thibaut Girka 2018-12-17 21:42:18 +01:00 committed by ThibG
parent 30de4e4dfc
commit 36d27e2891
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/javascript/flavours/glitch/features/ui/components/embed_modal.js
View file

@ -74,6 +74,7 @@ export default class EmbedModal extends ImmutablePureComponent {
className='embed-modal__iframe'
frameBorder='0'
ref={this.setIframeRef}
sandbox='allow-same-origin'
title='preview'
/>
</div>