From 0a866bc932dadbba1e08b688bf3a6ae9bbfad12e Mon Sep 17 00:00:00 2001
From: Alexandre Bodin <bodin.alex@gmail.com>
Date: Wed, 18 Dec 2019 14:41:52 +0100
Subject: [PATCH] Update migration guide

---
 .../migration-guide-beta.17-to-beta.18.md     | 39 +++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/docs/3.0.0-beta.x/migration-guide/migration-guide-beta.17-to-beta.18.md b/docs/3.0.0-beta.x/migration-guide/migration-guide-beta.17-to-beta.18.md
index c8c407fbbc..5d828e158b 100644
--- a/docs/3.0.0-beta.x/migration-guide/migration-guide-beta.17-to-beta.18.md
+++ b/docs/3.0.0-beta.x/migration-guide/migration-guide-beta.17-to-beta.18.md
@@ -450,6 +450,45 @@ We created new home pages when your go to your api url.
 You will need to copy `index.html` and `production.html` into your `public` folder.
 You can find those two files [here](https://github.com/strapi/strapi/tree/master/packages/strapi-generate-new/lib/resources/files/public).
 
+## Updating `csp` options
+
+The admin panel contains certain assets that use `data:img;base64` images. To allow rendering of those assets you can update the files `./config/environments/{env}/security.json` as follows:
+
+**Before**
+
+```json
+{
+  "csp": {
+    "enabled": true,
+    "policy": [
+      {
+        "img-src": "'self' http:"
+      },
+      "block-all-mixed-content"
+    ]
+  }
+  //....
+}
+```
+
+**After**
+
+```json
+{
+  "csp": {
+    "enabled": true,
+    "policy": ["block-all-mixed-content"]
+  }
+  //....
+}
+```
+
+If you need more fine control you can also simply add the `data:` option to the `img-src` option.
+
 ## Rebuilding your administration panel
 
 Now delete the `.cache` and `build` folders. Then run `yarn develop`.
+
+```
+
+```