From 4c2a24d27825065b742863f418b02230996a6c75 Mon Sep 17 00:00:00 2001 From: Kieran Date: Sat, 17 Jun 2023 19:49:02 +0100 Subject: [PATCH] Update media-src CSP --- packages/app/_headers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/app/_headers b/packages/app/_headers index bb210fcf3..016c27db6 100644 --- a/packages/app/_headers +++ b/packages/app/_headers @@ -1,2 +1,2 @@ /* - Content-Security-Policy: default-src 'self'; manifest-src *; child-src 'none'; worker-src 'self'; frame-src youtube.com www.youtube.com https://platform.twitter.com https://embed.tidal.com https://w.soundcloud.com https://www.mixcloud.com https://open.spotify.com https://player.twitch.tv https://embed.music.apple.com https://nostrnests.com https://embed.wavlake.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *; img-src * data: blob:; font-src https://fonts.gstatic.com; media-src *; script-src 'self' 'wasm-unsafe-eval' https://static.cloudflareinsights.com https://platform.twitter.com https://embed.tidal.com; \ No newline at end of file + Content-Security-Policy: default-src 'self'; manifest-src *; child-src 'none'; worker-src 'self'; frame-src youtube.com www.youtube.com https://platform.twitter.com https://embed.tidal.com https://w.soundcloud.com https://www.mixcloud.com https://open.spotify.com https://player.twitch.tv https://embed.music.apple.com https://nostrnests.com https://embed.wavlake.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *; img-src * data: blob:; font-src https://fonts.gstatic.com; media-src * blob:; script-src 'self' 'wasm-unsafe-eval' https://static.cloudflareinsights.com https://platform.twitter.com https://embed.tidal.com; \ No newline at end of file