From 32945f49f52fe8d639173ff28dfed4420b0feccb Mon Sep 17 00:00:00 2001
From: busy-panda <npuzin@outlook.com>
Date: Thu, 25 Apr 2024 15:22:34 +0200
Subject: [PATCH 1/2] bugfix(#2152): Docs not support "http" markdown image

---
 packages/bruno-electron/src/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/bruno-electron/src/index.js b/packages/bruno-electron/src/index.js
index 5157dae8a7..ec64d3d4f5 100644
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -24,7 +24,7 @@ const contentSecurityPolicy = [
   "font-src 'self' https:",
   // this has been commented out to make oauth2 work
   // "form-action 'none'",
-  "img-src 'self' blob: data: https:",
+  "img-src 'self' blob: data: http: https:",
   "media-src 'self' blob: data: https:",
   "style-src 'self' 'unsafe-inline' https:"
 ];

From 7cbf1c9c2e4701ee8d378cf0b8c9b3cd062752d0 Mon Sep 17 00:00:00 2001
From: busy-panda <npuzin@outlook.com>
Date: Fri, 26 Apr 2024 23:15:01 +0200
Subject: [PATCH 2/2] fix: added documentation (#2152)

---
 packages/bruno-electron/src/index.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/bruno-electron/src/index.js b/packages/bruno-electron/src/index.js
index ec64d3d4f5..7f4e58422a 100644
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -24,6 +24,8 @@ const contentSecurityPolicy = [
   "font-src 'self' https:",
   // this has been commented out to make oauth2 work
   // "form-action 'none'",
+  // we make an exception and allow http for images so that
+  // they can be used as link in the embedded markdown editors
   "img-src 'self' blob: data: http: https:",
   "media-src 'self' blob: data: https:",
   "style-src 'self' 'unsafe-inline' https:"