diff --git a/netlify.toml b/netlify.toml index ac81a92..d018039 100644 --- a/netlify.toml +++ b/netlify.toml @@ -10,7 +10,7 @@ for = "/*" [headers.values] - Content-Security-Policy = "default-src 'self'; connect-src 'self' https: wss:; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' https: data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https:; frame-src 'self' http: https:; style-src 'self' 'unsafe-inline'" + Content-Security-Policy = "default-src 'self'; connect-src 'self' https: wss: https://*.walletconnect.com https://pulse.walletconnect.org https://relay.walletconnect.com; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' https: data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: https://*.youtube.com https://s.ytimg.com; frame-src 'self' http: https: https://*.youtube.com; style-src 'self' 'unsafe-inline'; font-src 'self' https: data:" Referrer-Policy = "strict-origin-when-cross-origin" Strict-Transport-Security = "max-age=31536000; includeSubDomains" X-Content-Type-Options = "nosniff"