From f4a473948fe480f3fe09cd60b6246b7f5b07de7b Mon Sep 17 00:00:00 2001 From: neri Date: Sun, 2 Jun 2024 14:05:00 +0200 Subject: [PATCH] feat: allow manifest-src in CSP --- src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.rs b/src/main.rs index f724487..f873fcb 100644 --- a/src/main.rs +++ b/src/main.rs @@ -27,7 +27,7 @@ use tokio::sync::mpsc::channel; const DEFAULT_CONTENT_SECURITY_POLICY: (HeaderName, &str) = ( CONTENT_SECURITY_POLICY, - "default-src 'none'; connect-src 'self'; img-src 'self'; media-src 'self'; font-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; frame-src 'none'; frame-ancestors 'none'; form-action 'self';" + "default-src 'none'; connect-src 'self'; img-src 'self'; media-src 'self'; font-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; frame-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self';" ); #[allow(clippy::declare_interior_mutable_const)] const DEFAULT_PERMISSIONS: (HeaderName, &str) = (