From fe0672a81e5693d43ce5bad57ac253d871955f7f Mon Sep 17 00:00:00 2001
From: ingalls <nick@ingalls.ca>
Date: Tue, 1 Oct 2024 16:14:29 -0400
Subject: [PATCH] Keep variables

---
 api/nginx.conf | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/api/nginx.conf b/api/nginx.conf
index 08d218b9e..0d0b0489d 100644
--- a/api/nginx.conf
+++ b/api/nginx.conf
@@ -57,13 +57,6 @@ http {
             add_header 'Referrer-Policy' 'strict-origin-when-cross-origin' always;
             add_header 'Strict-Transport-Security' 'max-age=31536000; includeSubDomains; preload' always;
             add_header 'Permissions-Policy' 'fullscreen=(self), geolocation=(self), clipboard-read=(self), clipboard-write=(self)' always;
-
-            set $IMG "img-src 'self' data: *.API_URL";
-            set $FONT "font-src 'self' data:";
-            set $WORKER "worker-src 'self' blob:";
-            set $STYLE_SRC_ELEM "style-src-elem 'self' 'unsafe-inline'";
-            set $STYLE_SRC_ATTR "style-src-attr 'unsafe-inline'";
-            set $CONNECT "connect-src 'self' *.API_URL:* *.ROOT_URL:*";
             add_header 'Content-Security-Policy' "default-src 'self' *.API_URL; ${IMG}; ${WORKER}; ${CONNECT}; ${STYLE_SRC_ATTR}; ${STYLE_SRC_ELEM}; ${FONT}; upgrade-insecure-requests;" always;
 
             add_header Cache-Control no-cache;