From 20a63832734b56c279e0c0df76a51bd375efa04a Mon Sep 17 00:00:00 2001
From: unlishema <unlishema@jtryba.com>
Date: Sat, 23 Nov 2024 04:42:21 -0500
Subject: [PATCH] Fixed CSP for local

---
 dist/.htaccess | 2 +-
 src/.htaccess  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dist/.htaccess b/dist/.htaccess
index 1465ae0..d2b8bf5 100644
--- a/dist/.htaccess
+++ b/dist/.htaccess
@@ -23,7 +23,7 @@ ErrorDocument 504 /pages/error.html?code=504
     Header set X-XSS-Protection "1; mode=block"
     Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
     Header set Referrer-Policy "strict-origin-when-cross-origin"
-    Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors https://unlishema.org https://*.unlishema.org"
+    Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors http://unlishema.local https://unlishema.org https://*.unlishema.org"
     Header set Permissions-Policy "geolocation=(), microphone=(), camera=()"
 </IfModule>
 
diff --git a/src/.htaccess b/src/.htaccess
index 1465ae0..d2b8bf5 100644
--- a/src/.htaccess
+++ b/src/.htaccess
@@ -23,7 +23,7 @@ ErrorDocument 504 /pages/error.html?code=504
     Header set X-XSS-Protection "1; mode=block"
     Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
     Header set Referrer-Policy "strict-origin-when-cross-origin"
-    Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors https://unlishema.org https://*.unlishema.org"
+    Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors http://unlishema.local https://unlishema.org https://*.unlishema.org"
     Header set Permissions-Policy "geolocation=(), microphone=(), camera=()"
 </IfModule>
 
-- 
2.43.0