From 6d7e4baaee72d660c18022ca0fb7aef8c03235f9 Mon Sep 17 00:00:00 2001
From: Serghei Iakovlev <egrep@protonmail.ch>
Date: Sun, 24 Jul 2022 20:30:17 +0200
Subject: Correct CSP header

---
 netlify.toml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'netlify.toml')

diff --git a/netlify.toml b/netlify.toml
index 8edb56f..f3b429b 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -89,11 +89,11 @@
     # (including inline scripts and event-handling HTML attributes).
     Content-Security-Policy = """
     default-src 'self';
-    script-src 'self' www.googletagmanager.com;
+    script-src 'self' www.googletagmanager.com hypothes.is;
     style-src 'self';
-    img-src 'self' data: www.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net;
+    img-src 'self' data: *.google-analytics.com www.googletagmanager.com www.gstatic.com stats.g.doubleclick.net;
     font-src 'self';
-    connect-src 'self' www.google-analytics.com analytics.google.com www.googletagmanager.com stats.g.doubleclick.net;
+    connect-src 'self' *.google-analytics.com analytics.google.com www.googletagmanager.com stats.g.doubleclick.net;
     media-src 'self';
     object-src 'self';
     frame-src 'none';
-- 
cgit v1.2.3