Skip to content

Commit

Permalink
Add unsafe inline
Browse files Browse the repository at this point in the history
  • Loading branch information
ingalls committed Sep 18, 2024
1 parent 45e1428 commit 6a9ff47
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion api/nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ http {
set $IMG "img-src 'self' data: *.API_URL";
set $FONT "font-src 'self' data:";
set $WORKER "worker-src 'self' blob:";
set $STYLE_SRC_ELEM "style-src 'self'";
set $STYLE_SRC_ELEM "style-src-elem 'self' 'unsafe-inline'";
set $STYLE_SRC_ATTR "style-src-attr 'unsafe-inline'";
set $CONNECT "connect-src 'self' *.API_URL:* *.ROOT_URL:*";
add_header 'Content-Security-Policy' "default-src 'self' *.API_URL; ${IMG}; ${WORKER}; ${CONNECT}; ${STYLE_SRC_ATTR}; ${STYLE_SRC_ELEM}; ${FONT}; upgrade-insecure-requests;" always;
Expand Down

0 comments on commit 6a9ff47

Please sign in to comment.