Skip to content

Commit 9ea5cb6

Browse files
nursoltan-chemanticsnursoltan-chemantics
committed
remove unsafe-inline csp for veterans
1 parent 967e5fc commit 9ea5cb6

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/server/index.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,7 @@ async function onExpressJsSetup(server) {
139139
res.header(
140140
'Content-Security-Policy',
141141
"default-src 'self';"
142-
+ " script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval'"
142+
+ " script-src 'report-sample' 'self'"
143143
+ ` ${config.CDN.PUBLIC}`
144144
+ ' http://www.google-analytics.com'
145145
+ ' https://43d132d5dbff47c59d9d53ad448f93c2.js.ubembed.com'

0 commit comments

Comments
 (0)