From 8d25e818d644091cafff16ec2d98b0adf442cb15 Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Sun, 1 Oct 2023 22:43:00 +0200
Subject: Fixed CSP

---
 deploy/headers_secure.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/headers_secure.conf b/deploy/headers_secure.conf
index 71b52e1..6dfc381 100644
--- a/deploy/headers_secure.conf
+++ b/deploy/headers_secure.conf
@@ -4,7 +4,7 @@ add_header X-XSS-Protection "1; mode=block";
 add_header X-Content-Type-Options nosniff;
 add_header Referrer-Policy strict-origin;
 add_header Cache-Control no-transform;
-add_header Content-Security-Policy "script-src 'self'";
+add_header Content-Security-Policy "script-src 'unsafe-inline'";
 add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
 # 6 months HSTS pinning
 add_header Strict-Transport-Security max-age=16000000;
-- 
cgit v1.2.3