From 70cbe91776d1de10f2767c6a5ad5912fd705bdd3 Mon Sep 17 00:00:00 2001
From: leonklingele <git@leonklingele.de>
Date: Mon, 16 Mar 2020 06:46:08 +0900
Subject: Migrate to a good Content Security Policy (#1023)

So attacks such as XSS (see [0]) will no longer be of an issue.

[0]: https://github.com/omarroth/invidious/issues/1022
---
 assets/js/embed.js | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'assets/js/embed.js')

diff --git a/assets/js/embed.js b/assets/js/embed.js
index 534c30ff..99d2fc53 100644
--- a/assets/js/embed.js
+++ b/assets/js/embed.js
@@ -1,3 +1,5 @@
+var video_data = JSON.parse(document.getElementById('video_data').innerHTML);
+
 function get_playlist(plid, retries) {
     if (retries == undefined) retries = 5;
 
-- 
cgit v1.2.3