diff --git a/lib/web/plugs/http_security_plug.ex b/lib/web/plugs/http_security_plug.ex index b18c85d1..082507a2 100644 --- a/lib/web/plugs/http_security_plug.ex +++ b/lib/web/plugs/http_security_plug.ex @@ -85,7 +85,8 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlug do else [ @script_src, - "'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI=' " + "'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI=' ", + "'sha256-zJdRXhLWm9NGI6BFr+sNmHBBrjAdJdFr7MpUq0EwK58=' " ] end diff --git a/lib/web/templates/page/index.html.heex b/lib/web/templates/page/index.html.heex index d24ba8cf..7047727c 100644 --- a/lib/web/templates/page/index.html.heex +++ b/lib/web/templates/page/index.html.heex @@ -20,7 +20,6 @@ <% end %> <%= tags(assigns) || assigns.tags %> - <%= Vite.inlined_phx_manifest() %> <%= Vite.vite_client() %> <%= Vite.vite_snippet("src/main.ts") %> diff --git a/test/web/plugs/http_security_plug_test.exs b/test/web/plugs/http_security_plug_test.exs index 6abd6a6c..43be1dec 100644 --- a/test/web/plugs/http_security_plug_test.exs +++ b/test/web/plugs/http_security_plug_test.exs @@ -73,7 +73,7 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlugTest do [csp] = Conn.get_resp_header(conn, "content-security-policy") assert csp =~ - ~r/script-src 'self' 'unsafe-eval' 'sha256-[\w+\/=]*' example.com matomo.example.com ;/ + ~r/script-src 'self' 'unsafe-eval' 'sha256-[\w+\/=]*' 'sha256-[\w+\/=]*' example.com matomo.example.com ;/ end end