fix: add 'unsafe-inline' to script-src

This commit is contained in:
xHyroM 2023-01-02 22:45:48 +01:00
parent 332458b14f
commit 90edaee257
2 changed files with 2 additions and 2 deletions

View file

@ -37,7 +37,7 @@
/>
<!-- CSP -->
<meta http-equiv="Content-Security-Policy" content="img-src 'self'; font-src *; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self'; object-src 'none'" />
<meta http-equiv="Content-Security-Policy" content="img-src 'self'; font-src *; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline'; object-src 'none'" />
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link

View file

@ -5,7 +5,7 @@
"headers" : [
{
"key" : "Content-Security-Policy",
"value" : "img-src 'self'; font-src *; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self'; object-src 'none'"
"value" : "img-src 'self'; font-src *; style-src 'self' 'unsafe-inline' fonts.googleapis.com; script-src 'self' 'unsafe-inline'; object-src 'none'"
}
]
}