From 4e098ec66577b4ccd61b6975dab165fa7c9fb0b7 Mon Sep 17 00:00:00 2001
From: "Alexander \"Arav\" Andreev" <me@arav.su>
Date: Tue, 22 Aug 2023 18:21:25 +0400
Subject: [PATCH] style-src unsafe-inline was removed because it doesn't needed
 anymore.

---
 configs/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configs/nginx.conf b/configs/nginx.conf
index 5e6cda0..e5042c4 100644
--- a/configs/nginx.conf
+++ b/configs/nginx.conf
@@ -11,7 +11,7 @@ server {
     ssl_certificate_key /etc/letsencrypt/live/arav.su/privkey.pem;
 
 
-    add_header Content-Security-Policy   "default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'; media-src 'self'; object-src 'none'; frame-src 'none'; frame-ancestors 'none'; font-src 'self'; form-action 'self'";
+    add_header Content-Security-Policy   "default-src 'self'; script-src 'none'; style-src 'self'; img-src 'self'; media-src 'self'; object-src 'none'; frame-src 'none'; frame-ancestors 'none'; font-src 'self'; form-action 'self'";
     add_header X-Frame-Options           "DENY";
     add_header X-Content-Type-Options    "nosniff";
     add_header X-XSS-Protection          "1; mode=block";