Compare commits

...

1 Commits

Author SHA1 Message Date
ramki-bruno
f53afb5a6b Strengthen CSP 2025-02-14 15:24:39 +05:30

View File

@@ -30,8 +30,7 @@ const lastOpenedCollections = new LastOpenedCollections();
// Reference: https://content-security-policy.com/
const contentSecurityPolicy = [
"default-src 'self'",
"script-src * 'unsafe-inline' 'unsafe-eval'",
"connect-src * 'unsafe-inline'",
"connect-src 'self' https://*.posthog.com",
"font-src 'self' https:",
// this has been commented out to make oauth2 work
// "form-action 'none'",