From e53be466f921b89ef475543434fafa5e9d89c3de Mon Sep 17 00:00:00 2001
From: guilhem <guilhem@web>
Date: Thu, 7 Apr 2016 19:28:18 +0200
Subject: really close

---
 tracker/CSP_too_strict.mdwn | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'tracker')

diff --git a/tracker/CSP_too_strict.mdwn b/tracker/CSP_too_strict.mdwn
index 2b27eff..308754d 100644
--- a/tracker/CSP_too_strict.mdwn
+++ b/tracker/CSP_too_strict.mdwn
@@ -10,5 +10,6 @@ Oh wait, that's weird: it seems to block data-urls too:
 Content Security Policy: The page's settings blocked the loading of a resource at data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw== ("img-src https://mail.fripost.org").
 ```
 
-I'm not excited about allowing browsers to load images from arbitrary sources, but hopefully roundcube's anti-XSS filter is good enough.  I've also checked with the [Email Privacy Tester](https://emailprivacytester.com/)
-that other external ressources blocked by the CSP are probably malicious.  Let's call that [done](https://git.fripost.org/fripost-ansible/commit/?id=c90ae1fe9d40a0271844d321a7a54ee219735ccf). -- [[guilhem]]
+I'm not too excited about allowing browsers to load images from arbitrary sources, but [did it anyway](https://git.fripost.org/fripost-ansible/commit/?id=c90ae1fe9d40a0271844d321a7a54ee219735ccf) with the hope that roundcube's anti-XSS filter is good enough.
+I've also checked with the [Email Privacy Tester](https://emailprivacytester.com/) that other external resources blocked by the CSP are probably malicious.
+[[closed]]. -- [[guilhem]]
-- 
cgit v1.2.3