fix: update csp

TradeTrust · Jul 30, 2024 · f374fe8 · f374fe8
1 parent 624c841
commit f374fe8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/netlify.toml b/netlify.toml
@@ -30,4 +30,4 @@
   [headers.values]
     X-Content-Type-Options = "nosniff"
     Strict-Transport-Security = "max-age=31536000; includeSubDomains"
-    Content-Security-Policy = "default-src 'self'; img-src 'self'; style-src 'self' https://fonts.googleapis.com https://use.fontawesome.com 'unsafe-inline'; script-src 'self' https://identity.netlify.com https://www.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com https://ui.tradetrust.io; connect-src 'self' https://www.google-analytics.com https://identity.netlify.com https://dns.google https://cloudflare-dns.com https://min-api.cryptocompare.com https://api.blocknative.com; frame-src * https://app.netlify.com; frame-ancestors 'self'; object-src 'none';"
+    Content-Security-Policy = "default-src 'self'; img-src 'self'; style-src 'self' https://fonts.googleapis.com https://use.fontawesome.com 'unsafe-inline'; script-src 'self' https://identity.netlify.com https://www.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com https://ui.tradetrust.io; connect-src 'self' https://www.google-analytics.com https://identity.netlify.com https://*.infura.io/v3/ https://dns.google https://cloudflare-dns.com https://min-api.cryptocompare.com https://api.blocknative.com; frame-src * https://app.netlify.com; frame-ancestors 'self'; object-src 'none';"