Keep variables

api/nginx.conf

@@ -57,13 +57,6 @@ http {
             add_header 'Referrer-Policy' 'strict-origin-when-cross-origin' always;
             add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload' always;
             add_header 'Permissions-Policy' 'fullscreen=(self), geolocation=(self), clipboard-read=(self), clipboard-write=(self)' always;
-
-            set $IMG "img-src 'self' data: *.API_URL";
-            set $FONT "font-src 'self' data:";
-            set $WORKER "worker-src 'self' blob:";
-            set $STYLE_SRC_ELEM "style-src-elem 'self' 'unsafe-inline'";
-            set $STYLE_SRC_ATTR "style-src-attr 'unsafe-inline'";
-            set $CONNECT "connect-src 'self' *.API_URL:* *.ROOT_URL:*";
             add_header 'Content-Security-Policy' "default-src 'self' *.API_URL; ${IMG}; ${WORKER}; ${CONNECT}; ${STYLE_SRC_ATTR}; ${STYLE_SRC_ELEM}; ${FONT}; upgrade-insecure-requests;" always;
 
             add_header Cache-Control no-cache;