From 5adfc7f2274d93cdf54e31d78baa633b6ed75c5a Mon Sep 17 00:00:00 2001
From: olaszakos <olaszakos@gmail.com>
Date: Thu, 19 Oct 2023 12:21:26 +0200
Subject: [PATCH] modify CSP for matomo overlay

---
 static/.ic-assets.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/static/.ic-assets.json b/static/.ic-assets.json
index 63da4f0dc6..2b19d6d576 100644
--- a/static/.ic-assets.json
+++ b/static/.ic-assets.json
@@ -7,7 +7,7 @@
     "match": "**/*",
     "allow_raw_access": true,
     "headers": {
-      "Content-Security-Policy": "default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.matomo.cloud https://widget.kapa.ai https://www.google.com https://www.gstatic.com;connect-src 'self' https://*.ic0.app https://ic0.app https://icp0.io https://*.icp0.io https://internetcomputer.matomo.cloud https://cdn.matomo.cloud ic-api.internetcomputer.org mxzaz-hqaaa-aaaar-qaada-cai.raw.ic0.app https://data.jsdelivr.com https://cdn.jsdelivr.net https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app;img-src 'self' data: https:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src * data:;object-src 'none';base-uri 'self';frame-src https://motoko.agorapp.dev https://www.google.com;frame-ancestors 'self' https://internetcomputer.matomo.cloud;form-action 'self' https://dfinity.us16.list-manage.com https://internetcomputer.org;upgrade-insecure-requests;",
+      "Content-Security-Policy": "default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://internetcomputer.matomo.cloud https://cdn.matomo.cloud https://widget.kapa.ai https://www.google.com https://www.gstatic.com;connect-src 'self' https://*.ic0.app https://ic0.app https://icp0.io https://*.icp0.io https://internetcomputer.matomo.cloud https://cdn.matomo.cloud ic-api.internetcomputer.org mxzaz-hqaaa-aaaar-qaada-cai.raw.ic0.app https://data.jsdelivr.com https://cdn.jsdelivr.net https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app;img-src 'self' data: https:;style-src * 'unsafe-inline';style-src-elem * 'unsafe-inline';font-src * data:;object-src 'none';base-uri 'self';frame-src https://motoko.agorapp.dev https://www.google.com;frame-ancestors https://internetcomputer.matomo.cloud;form-action 'self' https://dfinity.us16.list-manage.com https://internetcomputer.org;upgrade-insecure-requests;",
       "X-Frame-Options": "DENY",
       "Referrer-Policy": "same-origin",
       "Strict-Transport-Security": "max-age=31536000; includeSubDomains",