wrong content security policy for gravatar
Related to (where it should be fixed but was not): https://git-t3o.typo3.org/t3o/my/issues/134
Summary
Browser console shows error on accessing gravatar.
Refused to load the image 'https://s.gravatar.com/avatar/4776e8f8e4a406211fccbc70b7679417?s=100' because it violates the following Content Security Policy directive: "img-src 'self' data: *.typo3.org www.gravatar.com".
Steps to reproduce
go to https://my.typo3.org/about-mytypo3org login with account which is connected to gravatar open browser console
AC
-
Content Security Policy directive must be defined in configuration, which is versionized