GitLab

Related to (where it should be fixed but was not): https://git-t3o.typo3.org/t3o/my/issues/134

Summary

Browser console shows error on accessing gravatar.

Refused to load the image 'https://s.gravatar.com/avatar/4776e8f8e4a406211fccbc70b7679417?s=100' because it violates the following Content Security Policy directive: "img-src 'self' data: *.typo3.org www.gravatar.com".

Steps to reproduce

go to https://my.typo3.org/about-mytypo3org login with account which is connected to gravatar open browser console

AC

• Content Security Policy directive must be defined in configuration, which is versionized