From 70cbe91776d1de10f2767c6a5ad5912fd705bdd3 Mon Sep 17 00:00:00 2001
From: leonklingele <git@leonklingele.de>
Date: Mon, 16 Mar 2020 06:46:08 +0900
Subject: Migrate to a good Content Security Policy (#1023)

So attacks such as XSS (see [0]) will no longer be of an issue.

[0]: https://github.com/omarroth/invidious/issues/1022
---
 assets/js/watch.js | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'assets/js/watch.js')

diff --git a/assets/js/watch.js b/assets/js/watch.js
index a26cb505..e9ad2ddc 100644
--- a/assets/js/watch.js
+++ b/assets/js/watch.js
@@ -1,3 +1,5 @@
+var video_data = JSON.parse(document.getElementById('video_data').innerHTML);
+
 String.prototype.supplant = function (o) {
     return this.replace(/{([^{}]*)}/g, function (a, b) {
         var r = o[b];
-- 
cgit v1.2.3