Removed browser contect policy so that attachments would be visible.

Thanks to xet7 !

Fixes #4468

.meteor/packages

@@ -149,4 +149,3 @@ pascoual:pdfkit
 wekan-accounts-lockout
 lmieulet:meteor-coverage
 meteortesting:mocha
-browser-policy-content

.meteor/versions

@@ -19,7 +19,6 @@ blaze@2.5.0
 blaze-tools@1.1.2
 boilerplate-generator@1.7.1
 browser-policy-common@1.0.11
-browser-policy-content@1.1.1
 browser-policy-framing@1.1.0
 caching-compiler@1.2.2
 caching-html-compiler@1.2.0

server/policy.js

@@ -1,12 +1,16 @@
-import { BrowserPolicy } from 'meteor/browser-policy-common';
+//import { BrowserPolicy } from 'meteor/browser-policy-common';
 
 Meteor.startup(() => {
-
+/*
   // Default allowed
   BrowserPolicy.content.allowInlineScripts();
   BrowserPolicy.content.allowEval();
   BrowserPolicy.content.allowInlineStyles();
-  BrowserPolicy.content.allowSameOriginForAll();
+  BrowserPolicy.content.allowOriginForAll('*');
+  // Allow all images from anywhere
+  BrowserPolicy.content.allowImageOrigin('*');
+  BrowserPolicy.content.allowDataUrlForAll();
+*/
 
   if (process.env.BROWSER_POLICY_ENABLED === 'true') {
     // Trusted URL that can embed Wekan in iFrame.
@@ -23,11 +27,8 @@ Meteor.startup(() => {
     // Disable browser policy and allow all framing and including.
     // Use only at internal LAN, not at Internet.
     BrowserPolicy.framing.allowAll();
-    //BrowserPolicy.content.allowDataUrlForAll();
   }
 
-  // Allow all images from anywhere
-  //BrowserPolicy.content.allowImageOrigin('*');
 
   // If Matomo URL is set, allow it.
   const matomoUrl = process.env.MATOMO_ADDRESS;