Skip to content

Commit

Permalink
remove unsafe csp rules
Browse files Browse the repository at this point in the history
  • Loading branch information
@davwas
davwas committed Jan 3, 2024
1 parent cab60f6 commit 035bf1b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nginx.conf.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ server {
listen 3046;
server_name localhost;

set $csp "default-src 'self'; base-uri 'self'; script-src 'nonce-$request_id' 'strict-dynamic' 'unsafe-inline' https:; object-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'self' 'unsafe-inline';";
set $csp "default-src 'self'; base-uri 'self'; script-src 'nonce-$request_id' 'strict-dynamic' https:; object-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'self';";

location /tldraw-client-runtime.config.json {
return 200 '{ "tldrawServerURL" : "${TLDRAW_SERVER_URL}" }';
Expand Down

0 comments on commit 035bf1b

Please sign in to comment.