From 70a7836f477c6138d9159798d8f3aa8940155adc Mon Sep 17 00:00:00 2001
From: Serghei Iakovlev <egrep@protonmail.ch>
Date: Wed, 29 Jun 2022 09:01:55 +0200
Subject: Add doubleclick.net to CSP header

---
 netlify.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'netlify.toml')

diff --git a/netlify.toml b/netlify.toml
index 34ed4b6..01b7af7 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -68,7 +68,7 @@
     # files received from those allowed domains, ignoring all other scripts
     # (including inline scripts and event-handling HTML attributes).
     #
-    Content-Security-Policy = "default-src 'self'; script-src 'self' *.netlify.app *.netlify.com *.googletagmanager.com; style-src 'self'; img-src 'self' data: *.google-analytics.com *.googletagmanager.com; font-src 'self'; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com; media-src 'self'; object-src 'self'; frame-src 'none'; worker-src 'self'; frame-ancestors 'none'; form-action 'self' submit-form.com; upgrade-insecure-requests; base-uri 'self'; manifest-src 'self'; report-uri https://egrep.report-uri.com/r/d/csp/enforce"
+    Content-Security-Policy = "default-src 'self'; script-src 'self' *.netlify.app *.netlify.com *.googletagmanager.com; style-src 'self'; img-src 'self' data: *.google-analytics.com *.googletagmanager.com; font-src 'self'; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.doubleclick.net; media-src 'self'; object-src 'self'; frame-src 'none'; worker-src 'self'; frame-ancestors 'none'; form-action 'self' submit-form.com; upgrade-insecure-requests; base-uri 'self'; manifest-src 'self'; report-uri https://egrep.report-uri.com/r/d/csp/enforce"
 
 [[headers]]
   for = '/feeds/*.xml'
-- 
cgit v1.2.3