From 02c531591a7205443de57137a617d3e752dae3c2 Mon Sep 17 00:00:00 2001
From: Joachim Bauch <bauch@struktur.de>
Date: Thu, 23 Apr 2015 12:33:36 +0200
Subject: [PATCH] Need "frame-src" CSP to load YouTube sandbox.

---
 server.conf.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server.conf.in b/server.conf.in
index e6b143d3..a02df90c 100644
--- a/server.conf.in
+++ b/server.conf.in
@@ -109,6 +109,7 @@ serverRealm = local
 ; data: URL for images.
 ; The currently recommended CSP is:
 ;   default-src 'self';
+;   frame-src 'self' data:;
 ;   style-src 'self' 'unsafe-inline';
 ;   img-src 'self' data: blob:;
 ;   connect-src 'self' wss://server:port/ws blob:;