From 03570f781617c059a7b9ad4e66ba0667fff974f1 Mon Sep 17 00:00:00 2001
From: YH_hao_are_you <mlapenang1998@gmail.com>
Date: Tue, 31 May 2022 01:10:33 +0900
Subject: [PATCH] allow all in csp (#403)

---
 root/src/index.ejs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/root/src/index.ejs b/root/src/index.ejs
index 06f091647..938fb6740 100644
--- a/root/src/index.ejs
+++ b/root/src/index.ejs
@@ -16,7 +16,8 @@
     This CSP allows any SSL-enabled host and for arbitrary eval(), but you should limit these directives further to increase your app's security.
     Learn more about CSP policies at https://content-security-policy.com/#directive
   -->
-  <meta http-equiv="Content-Security-Policy" content="default-src * 'self' blob: https: localhost:*; script-src 'unsafe-inline' 'unsafe-eval' blob: https: localhost:*; connect-src https: localhost:* ws://localhost:*; style-src 'unsafe-inline' https: localhost:*; object-src 'none'; img-src 'self' https: localhost:* data: http://books.google.com http://cdn.viglink.com; font-src 'self' https: localhost:* data:;">
+  <!-- <meta http-equiv="Content-Security-Policy" content="default-src * 'self' blob: https: localhost:*; script-src 'unsafe-inline' 'unsafe-eval' blob: https: localhost:*; connect-src https: localhost:* ws://localhost:*; style-src 'unsafe-inline' https: localhost:*; object-src 'none'; img-src 'self' https: localhost:* data: http://books.google.com http://cdn.viglink.com; font-src 'self' https: localhost:* data:;"> -->
+  <meta http-equiv="Content-Security-Policy" content="default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';">
   <meta name="importmap-type" content="systemjs-importmap" />
   <!-- If you wish to turn off import-map-overrides for specific environments (prod), uncomment the line below -->
   <!-- More info at https://github.com/joeldenning/import-map-overrides/blob/master/docs/configuration.md#domain-list -->