From 4c75aa8663d3b31dea4e7a5d73dcaa8ce4af0d94 Mon Sep 17 00:00:00 2001
From: Lukas Winkler <git@lw1.at>
Date: Sat, 11 Sep 2021 19:23:04 +0200
Subject: [PATCH] fix csp

---
 rpg_notes/settings.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rpg_notes/settings.py b/rpg_notes/settings.py
index 4651af6..dbeced2 100644
--- a/rpg_notes/settings.py
+++ b/rpg_notes/settings.py
@@ -191,6 +191,7 @@ ACCOUNT_ACTIVATION_DAYS = 7  # One-week activation window
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 
 CSP_DEFAULT_SRC = ["'self'", 'data:']
+CSP_SCRIPT_SRC = ["'self'"]
 CSP_STYLE_SRC = ["'self'", "'unsafe-inline'"]
 if SENTRY_CSP_REPORT_URI:
     CSP_REPORT_URL = SENTRY_CSP_REPORT_URI