aboutsummaryrefslogtreecommitdiffstats
path: root/web/web.go
diff options
context:
space:
mode:
Diffstat (limited to 'web/web.go')
-rw-r--r--web/web.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/web/web.go b/web/web.go
index 6c8e632..ffec8b9 100644
--- a/web/web.go
+++ b/web/web.go
@@ -401,7 +401,7 @@ func SecurityHeadersMiddleware(next http.Handler) http.Handler {
// style-src 'self' 'unsafe-inline' (for React/styled-components if used)
// img-src 'self' data: * (RSS images can be from anywhere)
// connect-src 'self' (API calls)
- w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: *; connect-src 'self'; frame-ancestors 'none';")
+ w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: *; connect-src 'self'; frame-ancestors 'none';")
next.ServeHTTP(w, r)
})
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-25 17:40:21 +0000