From 38f8105c2ed60f3fa9a94eb5147f5ffc1a663319 Mon Sep 17 00:00:00 2001
From: Simon Eisenmann <simon@struktur.de>
Date: Fri, 19 Dec 2014 12:01:52 +0100
Subject: [PATCH] Also allow data: urls for fonts.

---
 server.conf.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server.conf.in b/server.conf.in
index 9774b62c..896d6715 100644
--- a/server.conf.in
+++ b/server.conf.in
@@ -109,7 +109,7 @@ serverRealm = local
 ;   style-src 'self' 'unsafe-inline';
 ;   img-src 'self' data: blob:;
 ;   connect-src 'self' wss://server:port/ws blob:;
-;   font-src 'self' blob;
+;   font-src 'self' data: blob:;
 ;contentSecurityPolicy =
 ; Content-Security-Policy-Report-Only HTTP response header value. Use this
 ; to test your CSP before putting it into production.