From 608b6a8af84f50f7987ffc840c16a814cebeb4ea Mon Sep 17 00:00:00 2001
From: Serghei Iakovlev <egrep@protonmail.ch>
Date: Mon, 15 Apr 2024 00:12:21 +0200
Subject: Update Content-Security-Policy for netlify

---
 netlify.toml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'netlify.toml')

diff --git a/netlify.toml b/netlify.toml
index 55134eb..fc355f0 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -88,14 +88,14 @@
     # (including inline scripts and event-handling HTML attributes).
     Content-Security-Policy = """
     default-src 'self';
-    script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is;
-    style-src 'self' cdn.hypothes.is;
+    script-src 'self' www.googletagmanager.com hypothes.is cdn.hypothes.is giscus.app;
+    style-src 'self' cdn.hypothes.is giscus.app;
     img-src 'self' data: *.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net;
     font-src 'self';
     connect-src 'self' *.google-analytics.com *.analytics.google.com analytics.google.com www.googletagmanager.com stats.g.doubleclick.net;
     media-src 'self';
     object-src 'self';
-    frame-src hypothes.is;
+    frame-src hypothes.is giscus.app;
     worker-src 'self';
     frame-ancestors 'none';
     form-action 'self' submit-form.com;
-- 
cgit v1.2.3