From a9ce97fb1bc33d9401c54eeaa006957a942a3742 Mon Sep 17 00:00:00 2001
From: Sid <siddharth@usebruno.com>
Date: Thu, 4 Dec 2025 12:40:52 +0530
Subject: [PATCH] fix: update content security policy to remove unsafe-inline
 (#6305)

---
 packages/bruno-electron/src/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/bruno-electron/src/index.js b/packages/bruno-electron/src/index.js
index 8288edf9b..43ac86e1a 100644
--- a/packages/bruno-electron/src/index.js
+++ b/packages/bruno-electron/src/index.js
@@ -65,7 +65,7 @@ const contentSecurityPolicy = [
   'connect-src \'self\' https://*.posthog.com',
   'font-src \'self\' https: data:;',
   'frame-src data:',
-  'script-src \'self\' \'unsafe-inline\' data:',
+  'script-src \'self\' data:',
   // this has been commented out to make oauth2 work
   // "form-action 'none'",
   // we make an exception and allow http for images so that