From 53ab9761f8745bde29fd1c8d381280f9320ef437 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?busy-panda=F0=9F=90=BC=F0=9F=90=BC?=
 <139650490+busy-panda@users.noreply.github.com>
Date: Wed, 22 May 2024 15:49:31 +0200
Subject: [PATCH] bugfix(#2152): Docs not support "http" markdown image (#2171)

* bugfix(#2152): Docs not support "http" markdown image

* fix: added documentation (#2152)
---
 packages/bruno-electron/src/index.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/packages/bruno-electron/src/index.js b/packages/bruno-electron/src/index.js
index 5157dae8a7..7f4e58422a 100644
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -24,7 +24,9 @@ const contentSecurityPolicy = [
   "font-src 'self' https:",
   // this has been commented out to make oauth2 work
   // "form-action 'none'",
-  "img-src 'self' blob: data: https:",
+  // we make an exception and allow http for images so that
+  // they can be used as link in the embedded markdown editors
+  "img-src 'self' blob: data: http: https:",
   "media-src 'self' blob: data: https:",
   "style-src 'self' 'unsafe-inline' https:"
 ];