From 1b46c803894091683bafef880c09f5d7f62f8b5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Win=E2=80=AE8201=E2=80=ADLinux=E2=80=AC?=
 <reimussr@gmail.com>
Date: Tue, 28 Jan 2025 02:29:24 +0900
Subject: [PATCH] Make sure the icons are displayed correctly in desktop
 clients (#5469)

---
 src/util.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/util.rs b/src/util.rs
index 76de40d1..ecd079cf 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -55,7 +55,10 @@ impl Fairing for AppHeaders {
         res.set_raw_header("Referrer-Policy", "same-origin");
         res.set_raw_header("X-Content-Type-Options", "nosniff");
         res.set_raw_header("X-Robots-Tag", "noindex, nofollow");
-        res.set_raw_header("Cross-Origin-Resource-Policy", "same-origin");
+
+        if !res.headers().get_one("Content-Type").is_some_and(|v| v.starts_with("image/")) {
+            res.set_raw_header("Cross-Origin-Resource-Policy", "same-origin");
+        }
 
         // Obsolete in modern browsers, unsafe (XS-Leak), and largely replaced by CSP
         res.set_raw_header("X-XSS-Protection", "0");