From f4a473948fe480f3fe09cd60b6246b7f5b07de7b Mon Sep 17 00:00:00 2001
From: neri <neri@ctdo.de>
Date: Sun, 2 Jun 2024 14:05:00 +0200
Subject: [PATCH] feat: allow manifest-src in CSP

---
 src/main.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main.rs b/src/main.rs
index f724487..f873fcb 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -27,7 +27,7 @@ use tokio::sync::mpsc::channel;
 
 const DEFAULT_CONTENT_SECURITY_POLICY: (HeaderName, &str) = (
     CONTENT_SECURITY_POLICY,
-    "default-src 'none'; connect-src 'self'; img-src 'self'; media-src 'self'; font-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; frame-src 'none'; frame-ancestors 'none'; form-action 'self';"
+    "default-src 'none'; connect-src 'self'; img-src 'self'; media-src 'self'; font-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; frame-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self';"
 );
 #[allow(clippy::declare_interior_mutable_const)]
 const DEFAULT_PERMISSIONS: (HeaderName, &str) = (