wrong content security policy for gravatar
Related to (where it should be fixed but was not): #134 (closed)
Browser console shows error on accessing gravatar.
Refused to load the image 'https://s.gravatar.com/avatar/4776e8f8e4a406211fccbc70b7679417?s=100' because it violates the following Content Security Policy directive: "img-src 'self' data: *.typo3.org www.gravatar.com".
Steps to reproduce
go to https://my.typo3.org/about-mytypo3org login with account which is connected to gravatar open browser console
- Content Security Policy directive must be defined in configuration, which is versionized