From 31e033a2e375d5b90c0186d5e4e65f797a1e0e14 Mon Sep 17 00:00:00 2001
From: antilopa
Date: Tue, 2 Nov 2021 11:38:27 +0100
Subject: [PATCH] changed default src in csp to self, since none was too restrictive
---
 templates/etc/nginx/sites-available/core.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/etc/nginx/sites-available/core.j2 b/templates/etc/nginx/sites-available/core.j2
index 818ada0..2413079 100644
--- a/templates/etc/nginx/sites-available/core.j2
+++ b/templates/etc/nginx/sites-available/core.j2
@@ -72,7 +72,7 @@ server {
 {% endif %}
 {% if item.header_csp is defined and item.header_csp == 'none' %}
 {% else %}
- add_header Content-Security-Policy "{{ item.header_csp | default("default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';") }}";
+ add_header Content-Security-Policy "{{ item.header_csp | default("default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';") }}";
 {% endif %}
 {% if item.header_cto is defined and item.header_cto == 'none' %}
 {% else %}
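Review bot: Moving the fallback in the `default(...)` string from `default-src 'none'` to `default-src 'self'` relaxes every fetch directive the policy does not list explicitly (object-src, frame-src, font-src, media-src, worker-src, manifest-src), not only the one that was being blocked. The commit message does not say which resource type failed; if it was, say, fonts, keeping `default-src 'none'` and adding `font-src 'self';` would be the narrower change. If `'self'` stays, append `object-src 'none';` to the default so plugin content remains blocked, and consider `frame-ancestors 'none';` as well, since that directive never inherits from default-src. A short template comment above the `add_header` line, such as `{# default CSP: same-origin only; override per site via item.header_csp #}`, would record the intent. The `server` block starts and ends outside this hunk, so whether other `add_header` lines in nested locations override this one cannot be seen here.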