Please whitelist postimages.org & imgbb.com which are image hosters.
Images can't be showed even if "Allow External Images" is checked in the wiki configuration because of your CSP which sites not on the whitelist will be denied access.
The following whitelist entries are required:
'postimages.org'
'*.postimages.org'
'postimgs.org'
'*.postimgs.org'
'postimg.cc'
'*.postimg.cc'
'imgbb.com'
'*.imgbb.com'
'simgbb.com'
'*.simgbb.com'
'ibb.co'
'*.ibb.co'
Sample image links:
- https://postimgs.org/img/plugins/smf2_1.png
- https://i.postimg.cc/DzK54CMz/image.png
- https://simgbb.com/images/logo.png
- https://i.ibb.co/s9QQXyH/image.png
CSP REVIEW: postimages.org
- Is the site equipped with a privacy policy? Yes
- Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? No, however according to PP "PostImage does not require registration in order to upload images, so it does not record any email addresses if you are uploading anonymously (i.e. without signing in).
- Does the site provide a list of personal data being collected by using the service? Yes, see PP
- Is the website owner known to have a bad reputation regarding privacy? No
- Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Appears yes, "Some of the features that make your site experience more efficient, such as user account access, may not function properly. However, you will still be able to upload images anonymously."
- Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Likely yes
- Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Does not appear to be the case, general support would have to be contacted
- Is the site equipped with a security policy? Yes, see PP
- Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? Yes, some details are given as to what security measures exist, see PP
- Is the website owner known to have a bad reputation regarding information security? No
- Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Does not appear to be the case, general support would have to be contacted
CSP REVIEW: imgbb.com
- Is the site equipped with a privacy policy? Yes, albeit very short
- Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? No, claims that "We do not collect any personally identifiable data on people who view images"
- Does the site provide a list of personal data being collected by using the service? Yes, says none
- Is the website owner known to have a bad reputation regarding privacy? No
- Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unsure, likely yes
- Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Likely yes
- Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? No
- Is the site equipped with a security policy? No
- Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? No
- Is the website owner known to have a bad reputation regarding information security? No
- Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? No