From dd7fbee221177cac011b48ae1d5293867f007a90 Mon Sep 17 00:00:00 2001
From: techknowlogick <techknowlogick@noreply.gitea.com>
Date: Mon, 27 Nov 2023 00:16:03 +0000
Subject: [PATCH] update CSP

---
 static/_headers | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/static/_headers b/static/_headers
index 0e5a09c..7709e2b 100644
--- a/static/_headers
+++ b/static/_headers
@@ -1,5 +1,5 @@
 /*
-  Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://discourse.gitea.io https://discourse-cdn-sjc2.com https://plausible.io; style-src 'self' https://fonts.googleapis.com https://cdnjs.cloudflare.com https://discourse-cdn-sjc2.com; font-src 'self' data: https://cdnjs.cloudflare.com https://fonts.gstatic.com; img-src 'self' https://docs.gitea.com https://gitea.com https://github.com https://discourse.gitea.io https://opencollective.com https://discourse-cdn-sjc2.com https://seccdn.libravatar.org; frame-src 'self' https://discourse.gitea.io; connect-src plausible.io;
+  Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://forum.gitea.com https://discourse-cdn-sjc2.com https://plausible.io; style-src 'self' https://fonts.googleapis.com https://cdnjs.cloudflare.com https://discourse-cdn-sjc2.com; font-src 'self' data: https://cdnjs.cloudflare.com https://fonts.gstatic.com; img-src 'self' https://docs.gitea.com https://gitea.com https://github.com https://avatars.githubusercontent.com https://forum.gitea.com https://opencollective.com https://discourse-cdn-sjc2.com https://seccdn.libravatar.org; frame-src 'self' https://forum.gitea.com; connect-src plausible.io;
   X-Frame-Options: DENY
   X-Xss-Protection: 1; mode=block
   X-Content-Type-Options: nosniff