fix: content security policy adds cloudflare as origin

easyflow-software · Aug 8, 2024 · 11d16ca · 11d16ca
1 parent fcaa107
commit 11d16ca
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/next.config.mjs b/next.config.mjs
@@ -2,8 +2,8 @@
 
 // https://securityheaders.com
 const ContentSecurityPolicy = `
-    default-src 'self';
-    script-src 'self' 'unsafe-eval' 'unsafe-inline';
+    default-src 'self' 'static.cloudflareinsights.com';
+    script-src 'self' 'unsafe-inline';
     style-src 'self' 'unsafe-inline';
     img-src * blob: data:;
     media-src 'self';

diff --git a/package-lock.json b/package-lock.json