From 697f8491af00fbbeb71acd2ae784d7592f20db7b Mon Sep 17 00:00:00 2001
From: Niklas Fiekas <niklas.fiekas@backscattering.de>
Date: Wed, 12 Jun 2019 16:25:21 +0200
Subject: [PATCH] csp: allow framing twitter gifs (closes #5185)

---
 modules/common/src/main/ContentSecurityPolicy.scala | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/common/src/main/ContentSecurityPolicy.scala b/modules/common/src/main/ContentSecurityPolicy.scala
index 8d36f7a231..ec8cce72aa 100644
--- a/modules/common/src/main/ContentSecurityPolicy.scala
+++ b/modules/common/src/main/ContentSecurityPolicy.scala
@@ -50,7 +50,7 @@ case class ContentSecurityPolicy(
 
   def withTwitter = copy(
     scriptSrc = "https://platform.twitter.com" :: "https://*.twimg.com" :: scriptSrc,
-    frameSrc = "https://platform.twitter.com" :: frameSrc,
+    frameSrc = "https://twitter.com" :: "https://platform.twitter.com" :: frameSrc,
     styleSrc = "https://platform.twitter.com" :: styleSrc
   )