fix: update content security policy to allow inline scripts (#6139)

2026-06-15 03:41:28 +00:00 · 2025-12-03 19:57:10 +05:30
parent 38ba53be9f
commit 2b8da39bcf
1 changed files with 1 additions and 0 deletions
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -60,6 +60,7 @@ const contentSecurityPolicy = [
  "connect-src 'self' https://*.posthog.com",
  "font-src 'self' https: data:;",
  "frame-src data:",
+  'script-src \'self\' \'unsafe-inline\' data:',
  // this has been commented out to make oauth2 work
  // "form-action 'none'",
  // we make an exception and allow http for images so that