From 35fea60750fc4e50631f6bbb5d7f5d4850739be5 Mon Sep 17 00:00:00 2001
From: Tim Wundenberg <tim@wundenbergs.de>
Date: Tue, 19 Nov 2024 22:04:43 +0100
Subject: [PATCH] feat(security): enable Content-Security-Plolicy for external
 js

---
 middleware/content_security_policiy.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/middleware/content_security_policiy.go b/middleware/content_security_policiy.go
index e28d707..11aebc5 100644
--- a/middleware/content_security_policiy.go
+++ b/middleware/content_security_policiy.go
@@ -5,7 +5,7 @@ import "net/http"
 func ContentSecurityPolicy(next http.Handler) http.Handler {
 
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self' https://umami.me-fit.eu/script.js")
+		w.Header().Set("Content-Security-Policy", "default-src 'self' https://umami.me-fit.eu")
 
 		next.ServeHTTP(w, r)
 	})