From d81f807afff3b4efdb768b72fbc846245e1c5bb5 Mon Sep 17 00:00:00 2001
From: "Gleb O. Ivaniczkij" <csasq@csasq.ru>
Date: Sun, 28 Jul 2024 21:38:09 +0300
Subject: [PATCH] =?UTF-8?q?=D0=A3=D1=81=D1=82=D1=80=D0=B0=D0=BD=D0=B5?=
 =?UTF-8?q?=D0=BD=D1=8B=20=D0=BF=D1=80=D0=BE=D0=B1=D0=BB=D0=B5=D0=BC=D1=8B?=
 =?UTF-8?q?=20CSP?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nginx/secure-headers.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx/secure-headers.conf b/nginx/secure-headers.conf
index f9c30ce..226a8e0 100644
--- a/nginx/secure-headers.conf
+++ b/nginx/secure-headers.conf
@@ -1,4 +1,4 @@
-add_header	Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self' https://cdn.csasq.ru";
+add_header	Content-Security-Policy "default-src 'self' https://cdn.csasq.ru; style-src 'self' 'unsafe-inline'; font-src 'self' https://cdn.csasq.ru";
 add_header	X-Frame-Options "DENY";
 add_header	X-Content-Type-Options "nosniff";
 add_header	Strict-Transport-Security "max-age=31536000; includeSubDomains";