From 988ede69d2a3eb4c197a6b93ac4c7ada74ad6edb Mon Sep 17 00:00:00 2001 From: Joey Perrott Date: Thu, 1 May 2025 14:03:01 +0000 Subject: [PATCH] docs: update the csp to include material.angular.dev for files served statically --- docs/angular.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/angular.json b/docs/angular.json index 676de1bafb11..6b4d03015bfc 100644 --- a/docs/angular.json +++ b/docs/angular.json @@ -106,7 +106,7 @@ "options": { "headers": { "--NOTE--": "Keep in sync with `firebase.json`", - "Content-Security-Policy": "upgrade-insecure-requests; default-src 'self'; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: *; frame-src https://www.youtube.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; child-src 'self' blob:; connect-src 'self' https://material.angular.io https://*.google-analytics.com https://stats.g.doubleclick.net https://api.github.com https://www.googletagmanager.com;" + "Content-Security-Policy": "upgrade-insecure-requests; default-src 'self'; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: *; frame-src https://www.youtube.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://www.googletagmanager.com; child-src 'self' blob:; connect-src 'self' https://material.angular.io https://material.angular.dev https://*.google-analytics.com https://stats.g.doubleclick.net https://api.github.com https://www.googletagmanager.com;" }, "buildTarget": "material-angular-io:build" },