1 files changed, 7 insertions, 2 deletions

diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc
index b6050b0..a06497e 100644
--- a/chrome/common/extensions/extension.cc
+++ b/chrome/common/extensions/extension.cc
@@ -99,9 +99,14 @@ const char kDefaultPlatformAppContentSecurityPolicy[] =
    // And serve them via blob:, data: or filesystem: URLs
    "style-src " PLATFORM_APP_LOCAL_CSP_SOURCES " 'unsafe-inline';"
    "img-src " PLATFORM_APP_LOCAL_CSP_SOURCES ";"
-   "media-src " PLATFORM_APP_LOCAL_CSP_SOURCES ";"
    "frame-src " PLATFORM_APP_LOCAL_CSP_SOURCES ";"
-   "font-src " PLATFORM_APP_LOCAL_CSP_SOURCES ";";
+   "font-src " PLATFORM_APP_LOCAL_CSP_SOURCES ";"
+   // Media can be loaded from remote resources since:
+   // 1. <video> and <audio> have good fallback behavior when offline or under
+   //    spotty connectivity.
+   // 2. Fetching via XHR and serving via blob: URLs currently does not allow
+   //    streaming or partial buffering.
+   "media-src *;";
 
 const char kDefaultSandboxedPageContentSecurityPolicy[] =
     "sandbox allow-scripts allow-forms";