diff options
Diffstat (limited to 'plugins/playvideos')
| -rw-r--r-- | plugins/playvideos/README.md | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/plugins/playvideos/README.md b/plugins/playvideos/README.md index 54729e0b..b1698470 100644 --- a/plugins/playvideos/README.md +++ b/plugins/playvideos/README.md | |||
| @@ -14,8 +14,16 @@ This is a default Shaarli plugin, you just have to enable it. See https://github | |||
| 14 | #### Troubleshooting | 14 | #### Troubleshooting |
| 15 | 15 | ||
| 16 | If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2: | 16 | If your server has [Content Security Policy](http://content-security-policy.com/) headers enabled, this may prevent the script from loading fully. You should relax the CSP in your server settings. Example CSP rule for apache2: |
| 17 | `Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'"` | ||
| 18 | 17 | ||
| 18 | In `/etc/apache2/conf-available/shaarli-csp.conf`: | ||
| 19 | |||
| 20 | ```apache | ||
| 21 | <Directory /path/to/shaarli> | ||
| 22 | Header set Content-Security-Policy "script-src 'self' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com 'unsafe-eval'" | ||
| 23 | </Directory> | ||
| 24 | ``` | ||
| 25 | |||
| 26 | Then run `a2enconf shaarli-csp; service apache2 reload` | ||
| 19 | 27 | ||
| 20 | ### License | 28 | ### License |
| 21 | ``` | 29 | ``` |