Enable WebAssemblyCSP flag so wasm-eval CSP can be used instead of requiring unsafe-eval (#617)

author: csett86 <csett86@web.de> 2021-07-31 11:41:17 +0200
committer: GitHub <noreply@github.com> 2021-07-31 11:41:17 +0200
commit: 625b8b828f01b063810976c0a8d8871467117824 (patch)
tree: a6ae49cbeaa2b3893f67e2558c844432935baa1c
parent: 9569a46f8a065a8d2da8660502c84eb0f8045fc3 (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/README.md b/README.md
index f70cc48..dbeadaa 100644
--- a/README.md
+++ b/README.md
@@ -47,7 +47,7 @@ X-Frame-Options "DENY";
 ```
 A working Content Security Policy looks like that:
 ```
-Content-Security-Policy "img-src 'self' 'unsafe-inline' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'none';";
+Content-Security-Policy "img-src 'self' 'unsafe-inline' data:; script-src 'self' 'unsafe-inline' 'wasm-eval'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'none';";
 ```
 
 ## Development
diff --git a/main.js b/main.js
index 94d4352..a1f76e8 100644
--- a/main.js
+++ b/main.js
@@ -213,7 +213,7 @@ function createJitsiMeetWindow() {
         minHeight: 600,
         show: false,
         webPreferences: {
-            enableBlinkFeatures: 'RTCInsertableStreams,WebAssemblySimd',
+            enableBlinkFeatures: 'RTCInsertableStreams,WebAssemblySimd,WebAssemblyCSP',
             enableRemoteModule: true,
             contextIsolation: false,
             nativeWindowOpen: true,
author	csett86 <csett86@web.de>	2021-07-31 11:41:17 +0200
committer	GitHub <noreply@github.com>	2021-07-31 11:41:17 +0200
commit	625b8b828f01b063810976c0a8d8871467117824 (patch)
tree	a6ae49cbeaa2b3893f67e2558c844432935baa1c
parent	9569a46f8a065a8d2da8660502c84eb0f8045fc3 (diff)