|
|
|
|
|
|
by rtldg
1164 days ago
|
|
|
Their CSP does seem to prevent an svg I threw in a readme from loading a png so that's good to see. And a test png in the readme was proxied too. content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' |
|
|