Skip to content

Commit 0c6d43d

Browse files
nawattsnawatts
authored
[SUP-613] Update Content Security policy - add unsafe-eval to script-src (#3472)
1 parent 7819409 commit 0c6d43d

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

app.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ handlers:
2424
expiration: 0s
2525
secure: always
2626
http_headers:
27-
Content-Security-Policy: "base-uri 'self'; object-src 'none'; script-src 'self' https://fast.appcues.com https://us.jsagent.tcell.insight.rapid7.com https://cdnjs.cloudflare.com; style-src * 'unsafe-inline'"
27+
Content-Security-Policy: "base-uri 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' https://fast.appcues.com https://us.jsagent.tcell.insight.rapid7.com https://cdnjs.cloudflare.com; style-src * 'unsafe-inline'"
2828
X-Frame-Options: "SAMEORIGIN"
2929
Strict-Transport-Security: "max-age=31536000; includeSubdomains; preload"
3030
X-Content-Type-Options: "nosniff"

0 commit comments

Comments
 (0)