13 lines
649 B
Diff
13 lines
649 B
Diff
diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
|
|
index b1f1ada94..8bae50900 100644
|
|
--- a/lib/pleroma/web/plugs/http_security_plug.ex
|
|
+++ b/lib/pleroma/web/plugs/http_security_plug.ex
|
|
@@ -114,7 +114,7 @@ defp csp_string(conn) do
|
|
style_src = "style-src 'self' '#{nonce_tag}'"
|
|
font_src = "font-src 'self'"
|
|
|
|
- script_src = "script-src 'self' '#{nonce_tag}'"
|
|
+ script_src = "script-src 'self' 'unsafe-eval' '#{nonce_tag}'"
|
|
|
|
report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"]
|
|
insecure = if scheme == "https", do: "upgrade-insecure-requests"
|