From d7873f257d285749a2a13dd163109f20882b22de Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Mon, 6 Apr 2020 14:18:45 -0700
Subject: [PATCH] Fixed CSP for importer

---
 app/Http/Middleware/ContentSecurityPolicyHeader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Middleware/ContentSecurityPolicyHeader.php b/app/Http/Middleware/ContentSecurityPolicyHeader.php
index 45720bc682..45c87a59e3 100644
--- a/app/Http/Middleware/ContentSecurityPolicyHeader.php
+++ b/app/Http/Middleware/ContentSecurityPolicyHeader.php
@@ -21,7 +21,7 @@ class ContentSecurityPolicyHeader
 
         $policy[] = "default-src 'self'";
         $policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
-        $policy[] = "script-src 'self' 'unsafe-inline' oss.mafxcdn.com cdnjs.cloudflare.com";
+        $policy[] = "script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com";
         $policy[] = "connect-src 'self'";
         $policy[] = "object-src 'none'";
         $policy[] = "font-src 'self' data:";