From fa30404048c0f30a92806e46b855a244d2a8da0a Mon Sep 17 00:00:00 2001
From: Mar0xy <marie@kaifa.ch>
Date: Sun, 24 Sep 2023 22:13:20 +0200
Subject: [PATCH] upd: header

---
 .../src/server/api/mastodon/MastodonApiServerService.ts  | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts b/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
index d390597216..7c1a407c55 100644
--- a/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
+++ b/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
@@ -41,14 +41,7 @@ export class MastodonApiServerService {
 		});
 
 		fastify.addHook('onRequest', (request, reply, done) => {
-			reply.header('Content-Security-Policy', `default-src * data: mediastream: blob: filesystem: about: ws: wss: 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline'; 
-			script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; 
-			connect-src * data: blob: 'unsafe-inline'; 
-			img-src * data: blob: 'unsafe-inline'; 
-			frame-src * data: blob: ; 
-			style-src * data: blob: 'unsafe-inline';
-			font-src * data: blob: 'unsafe-inline';
-			frame-ancestors * data: blob: 'unsafe-inline';`);
+			reply.header('Access-Control-Allow-Origin', '*');
 			done();
 		});
 
-- 
GitLab