fix: update content security policy to remove unsafe-inline (#6305)

2026-06-27 14:44:07 +00:00 · 2025-12-04 12:40:52 +05:30
parent 72ce6cadeb
commit a9ce97fb1b
1 changed files with 1 additions and 1 deletions
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -65,7 +65,7 @@ const contentSecurityPolicy = [
  'connect-src \'self\' https://*.posthog.com',
  'font-src \'self\' https: data:;',
  'frame-src data:',
-  'script-src \'self\' \'unsafe-inline\' data:',
+  'script-src \'self\' data:',
  // this has been commented out to make oauth2 work
  // "form-action 'none'",
  // we make an exception and allow http for images so that