search

Syosset / syosset

🖥️ The official website of Syosset High School from 2017-2019, powered by Rails 5.
https://web.archive.org/web/20190414065933/https://syosseths.com/
MIT License
9 stars 2 forks source link

Images not on SHS CDN don't load #98

Open kailan opened 6 years ago

kailan commented 6 years ago

Users can reference images from sites such as imgur, but they won't actually load due to our CSP.

Either we only allow users to include images via uploading them in the editor or we whitelist imgur.

https://sentry.io/syosset/syossethscom/issues/438505439/

neiljohari commented 6 years ago

I don't mind only allowing internally uploaded images (for now, at least).

Would make it easy to do the auto reporting, easier to keep tabs on what's uploaded, etc.

So long as we make it extremely clear, I don't think it'll be an issue.

kailan commented 6 years ago

I'll work on this tonight.