From 550d958025626ae9d4851783d61a7160bb848546 Mon Sep 17 00:00:00 2001 From: Ruben Fischer Date: Thu, 19 Feb 2026 21:05:43 +0100 Subject: [PATCH] fixed chart display in admin dashboard --- src/web/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/web/app.py b/src/web/app.py index df60fa7..966ac9d 100644 --- a/src/web/app.py +++ b/src/web/app.py @@ -68,7 +68,7 @@ class SecurityHeadersMiddleware(BaseHTTPMiddleware): # frame-ancestors 'none' replaces X-Frame-Options for modern browsers. _CSP = ( "default-src 'self'; " - "script-src 'self' 'unsafe-inline' 'unsafe-eval'; " + "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net; " "style-src 'self' 'unsafe-inline'; " "img-src 'self' data: blob: https://*.supabase.co https://*.linkedin.com https://media.licdn.com; " "connect-src 'self' https://*.supabase.co; "