Add 'sandbox' to CSP for media repo (#4284)

* Add 'sandbox' to the CSP for media repo * Changelog
author: David Baker <dbkr@users.noreply.github.com> 2018-12-10 17:05:02 +0000
committer: Amber Brown <hawkowl@atleastfornow.net> 2018-12-11 04:05:02 +1100
commit: 89ac2a5bdb1b5ab2bf25dfaf4d50dcc9565a69c1 (patch)
tree: 3104aa3b8862061538148ba7e67dcc99c28d1b97 /synapse/rest/media
parent: Merge pull request #4279 from matrix-org/hs/fix-config-cors (diff)
download: synapse-89ac2a5bdb1b5ab2bf25dfaf4d50dcc9565a69c1.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/synapse/rest/media/v1/download_resource.py b/synapse/rest/media/v1/download_resource.py
index f911b120b1..bdc5daecc1 100644
--- a/synapse/rest/media/v1/download_resource.py
+++ b/synapse/rest/media/v1/download_resource.py
@@ -48,7 +48,8 @@ class DownloadResource(Resource):
         set_cors_headers(request)
         request.setHeader(
             b"Content-Security-Policy",
-            b"default-src 'none';"
+            b"sandbox;"
+            b" default-src 'none';"
             b" script-src 'none';"
             b" plugin-types application/pdf;"
             b" style-src 'unsafe-inline';"
author	David Baker <dbkr@users.noreply.github.com>	2018-12-10 17:05:02 +0000
committer	Amber Brown <hawkowl@atleastfornow.net>	2018-12-11 04:05:02 +1100
commit	89ac2a5bdb1b5ab2bf25dfaf4d50dcc9565a69c1 (patch)
tree	3104aa3b8862061538148ba7e67dcc99c28d1b97 /synapse/rest/media
parent	Merge pull request #4279 from matrix-org/hs/fix-config-cors (diff)
download	synapse-89ac2a5bdb1b5ab2bf25dfaf4d50dcc9565a69c1.tar.xz