From 0cfa048d0df5cb44fbec2808e3615d7c296d0a2e Mon Sep 17 00:00:00 2001 From: null Date: Wed, 27 May 2026 14:14:24 -0500 Subject: [PATCH] injection security --- server/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/index.js b/server/index.js index d7dc8e6..b252377 100644 --- a/server/index.js +++ b/server/index.js @@ -65,7 +65,7 @@ const isDev = process.env.NODE_ENV === 'development' const cspDirectives = { defaultSrc: ["'self'"], scriptSrc: ["'self'", 'https://www.google.com/recaptcha/', 'https://www.gstatic.com/recaptcha/'], - styleSrc: ["'self'", 'https://fonts.googleapis.com'], + styleSrc: ["'self'", "'unsafe-inline'", 'https://fonts.googleapis.com'], fontSrc: ["'self'", 'https://fonts.gstatic.com'], imgSrc: ["'self'", 'data:'], connectSrc: isDev ? ["'self'", 'ws://localhost:*'] : ["'self'"],