From 7d68c2c4659d837b563ef6076f52ad275f769436 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 11:52:21 +0000
Subject: [PATCH] re-add child-src as the common ancestor of worker-src and
 frame-src for backwards compat and split onto multiple lines for readability

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---
 src/vector/index.html | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/vector/index.html b/src/vector/index.html
index 8021d1c2..5fc815c5 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,7 +22,21 @@
     <meta name="msapplication-config" content="<%= require('../../res/vector-icons/browserconfig.xml') %>">
     <meta name="theme-color" content="#ffffff">
     <meta property="og:image" content="<%= htmlWebpackPlugin.options.vars.og_image_url %>" />
-    <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' https://www.recaptcha.net https://www.gstatic.com; img-src * blob: data:; connect-src *; font-src 'self' data:; media-src * blob: data:; worker-src 'self'; frame-src * blob: data:; form-action 'self'; object-src 'self'; manifest-src 'self'">
+    <meta http-equiv="Content-Security-Policy" content="
+        default-src 'none';
+        style-src 'self' 'unsafe-inline';
+        script-src 'self' 'unsafe-eval' https://www.recaptcha.net https://www.gstatic.com;
+        img-src * blob: data:;
+        connect-src *;
+        font-src 'self' data:;
+        media-src * blob: data:;
+        child-src * blob: data:;
+        worker-src 'self';
+        frame-src * blob: data:;
+        form-action 'self';
+        object-src 'self';
+        manifest-src 'self';
+    ">
     <% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
         var file = htmlWebpackPlugin.files.css[i];
         var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);