Updated the homepage CSP for the new browser error.
Build & Deploy / Build & Push Docker Image (push) Successful in 3m1s
Test / Type Check (all packages) (push) Successful in 57s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 49s
Test / Homepage Unit Tests (push) Successful in 43s
Test / Storefront Unit Tests (push) Successful in 42s
Test / Admin Unit Tests (push) Successful in 42s
Test / Dashboard Unit Tests (push) Successful in 42s
Test / API Integration Tests (push) Successful in 1m0s

This commit is contained in:
root
2026-07-02 00:30:30 -04:00
parent 0ddf67c754
commit 330fc11791
2 changed files with 5 additions and 16 deletions
+2 -12
View File
@@ -7,19 +7,9 @@ export function buildContentSecurityPolicy(
development: boolean,
apiOrigin?: string,
): string {
const scriptSources = ["'self'", `'nonce-${nonce}'`, "'strict-dynamic'"];
if (development) scriptSources.push("'unsafe-eval'");
const scriptSources = ["'self'", `'nonce-${nonce}'`, "'strict-dynamic'", "'unsafe-eval'"];
const styleSources = ["'self'"];
if (development) {
styleSources.push("'unsafe-inline'");
} else {
styleSources.push(
`'nonce-${nonce}'`,
"'unsafe-hashes'",
"'sha256-zlqnbDt84zf1iSefLU/ImC54isoprH/MRiVZGskwexk='",
);
}
const styleSources = ["'self'", "'unsafe-inline'"];
const connectSources = ["'self'"];
if (development) connectSources.push('ws:', 'wss:');