From 9a39bedd3a232cf33246285e627cd30647f23477 Mon Sep 17 00:00:00 2001
From: retoor <retoor@molodetz.nl>
Date: Fri, 6 Jun 2025 03:39:33 +0200
Subject: [PATCH] Update.

---
 src/snek/system/middleware.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/snek/system/middleware.py b/src/snek/system/middleware.py
index 7a60d1d..3dc41cf 100644
--- a/src/snek/system/middleware.py
+++ b/src/snek/system/middleware.py
@@ -9,7 +9,15 @@
 from aiohttp import web
 import secrets
 
-csp_policy = "default-src 'self'; script-src 'self' 'nonce-{nonce}'; style-src 'self';"
+
+csp_policy = (
+    "default-src 'self'; "
+    "script-src 'self' https://*.cloudflare.com https://molodetz.nl 'nonce-{nonce}'; "
+    "style-src 'self' https://*.cloudflare.com https://molodetz.nl; "
+    "img-src 'self' https://*.cloudflare.com https://molodetz.nl data:; "
+    "connect-src 'self' https://*.cloudflare.com https://molodetz.nl;"
+)
+
 
 def generate_nonce():
     return secrets.token_hex(16)