From d9ddffbe438046d6f107bc1f2a812a98cb1a6d42 Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Mon, 2 Jan 2023 05:13:53 +0200
Subject: [PATCH] make http://localhost work

---
 nginx-headers.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx-headers.conf b/nginx-headers.conf
index b21d439f6..79e2ee51f 100644
--- a/nginx-headers.conf
+++ b/nginx-headers.conf
@@ -3,4 +3,4 @@ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; prelo
 add_header X-Frame-Options "deny";
 add_header X-Content-Type-Options "nosniff";
 add_header Report-To "{'group': 'csp', 'max_age': 10886400, 'endpoints': [{'url': '/csp_violations'}]}";
-add_header Content-Security-Policy "upgrade-insecure-requests ; default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; media-src 'self' https:; img-src 'self' https: data:; frame-src challenges.cloudflare.com www.youtube-nocookie.com platform.twitter.com; connect-src 'self' tls-use1.fpapi.io api.fpjs.io; report-to csp; report-uri /csp_violations;";
+add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; form-action 'self'; manifest-src 'self'; worker-src 'self'; base-uri 'self'; font-src 'self'; style-src-elem 'self'; style-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; script-src-elem 'self' challenges.cloudflare.com; script-src-attr 'none'; script-src 'self' challenges.cloudflare.com; media-src 'self' https:; img-src 'self' https: data:; frame-src challenges.cloudflare.com www.youtube-nocookie.com platform.twitter.com; connect-src 'self' tls-use1.fpapi.io api.fpjs.io; report-to csp; report-uri /csp_violations;";