From fd6bf18a4cc66dacff1f4cb83fbe0066e594d4c0 Mon Sep 17 00:00:00 2001
From: Christian Fehmer <fehmer@users.noreply.github.com>
Date: Fri, 14 Feb 2025 19:05:00 +0100
Subject: [PATCH] fix: update csp entries for redocly (@fehmer) (#6265)

!nuf
---
 backend/src/api/routes/docs.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/src/api/routes/docs.ts b/backend/src/api/routes/docs.ts
index ea67bdd3d..3532e0be1 100644
--- a/backend/src/api/routes/docs.ts
+++ b/backend/src/api/routes/docs.ts
@@ -29,6 +29,6 @@ export default router;
 function setCsp(res: Response): void {
   res.setHeader(
     "Content-Security-Policy",
-    "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' monkeytype.com cdn.redoc.ly data:;object-src 'none';script-src 'self' cdn.redoc.ly 'unsafe-inline'; worker-src blob: data;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+    "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' monkeytype.com cdn.redocly.com data:;object-src 'none';script-src 'self' cdn.redocly.com 'unsafe-inline'; worker-src blob: data;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
   );
 }