From da783ae46706599ad2489d69dc1b9729be559053 Mon Sep 17 00:00:00 2001
From: Matt Cowley <me@mattcowley.co.uk>
Date: Fri, 22 Apr 2022 18:38:41 +0100
Subject: [PATCH] Allow websockets in default CSP (#345)

---
 src/nginxconfig/templates/global_sections/security.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nginxconfig/templates/global_sections/security.vue b/src/nginxconfig/templates/global_sections/security.vue
index ee1df79..694b222 100644
--- a/src/nginxconfig/templates/global_sections/security.vue
+++ b/src/nginxconfig/templates/global_sections/security.vue
@@ -180,7 +180,7 @@ THE SOFTWARE.
             enabled: true,
         },
         contentSecurityPolicy: {
-            default: 'default-src \'self\' http: https: data: blob: \'unsafe-inline\'; frame-ancestors \'self\';',
+            default: 'default-src \'self\' http: https: ws: wss: data: blob: \'unsafe-inline\'; frame-ancestors \'self\';',
             enabled: true,
         },
         permissionsPolicy: {