From 21294ecb6c0f34c824016653876d9056a6125210 Mon Sep 17 00:00:00 2001
From: Mateusz Charytoniuk <mateusz.charytoniuk@protonmail.com>
Date: Mon, 5 Feb 2024 21:20:07 +0100
Subject: [PATCH] fix: security policy headers for media

---
 resources/css/docs-common.css | 1 +
 src/SecurityPolicyHeaders.php | 1 +
 2 files changed, 2 insertions(+)

diff --git a/resources/css/docs-common.css b/resources/css/docs-common.css
index f440c92c..df99e202 100644
--- a/resources/css/docs-common.css
+++ b/resources/css/docs-common.css
@@ -210,6 +210,7 @@ a:active,
 .primary-navigation a {
   padding: 20px 20px;
   text-decoration: none;
+  white-space: nowrap;
 }
 
 .primary-navigation a.active {
diff --git a/src/SecurityPolicyHeaders.php b/src/SecurityPolicyHeaders.php
index e342ff43..479673c7 100644
--- a/src/SecurityPolicyHeaders.php
+++ b/src/SecurityPolicyHeaders.php
@@ -44,6 +44,7 @@ final readonly class SecurityPolicyHeaders
             "frame-ancestors 'none'",
             "manifest-src 'self'",
             "img-src 'self'",
+            "media-src 'self'",
             "object-src 'none'",
             "script-src 'self'",
             "style-src 'self' ".$this->getHeaderNonce($request),
-- 
GitLab