update CSP

6 years ago · d07771c46d
parent 7c9f99038f
commit d07771c46d
1 changed files with 1 additions and 1 deletions
--- a/netlify.toml
+++ b/netlify.toml
@ -8,7 +8,7 @@
    Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
    Cache-Control = "public, max-age=31536000"
    Referrer-Policy = "strict-origin-when-cross-origin"
-    Content-Security-Policy = "default-src https:"
+    Content-Security-Policy = "default-src 'unsafe-inline' https:"
    X-Content-Type-Options = "nosniff"
    X-Frame-Options = "DENY"
    X-XSS-Protection = "1; mode=block"