From 19e0fb7955e6192b9642ee0fe1ce04133965e50e Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Fri, 1 Mar 2024 12:25:14 +0000
Subject: [PATCH] Reverting CSP change

Signed-off-by: snipe <snipe@snipe.net>
---
 app/Http/Middleware/SecurityHeaders.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Middleware/SecurityHeaders.php b/app/Http/Middleware/SecurityHeaders.php
index af13156da5..25f0461fcf 100644
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@@ -83,8 +83,8 @@ class SecurityHeaders
 
         if ((config('app.debug') != 'true') && (config('app.enable_csp') == 'true')) {
             $csp_policy[] = "default-src 'self'";
-            $csp_policy[] = "style-src 'self'";
-            $csp_policy[] = "script-src 'self'";
+            $csp_policy[] = "style-src 'self' 'unsafe-inline'";
+            $csp_policy[] = "script-src 'self' 'unsafe-inline' 'unsafe-eval'";
             $csp_policy[] = "connect-src 'self'";
             $csp_policy[] = "object-src 'none'";
             $csp_policy[] = "font-src 'self' data:";