fix: update CSP for media src

Some webm video was not loaded because of Content Security Policy.
author: Armand Philippot <git@armandphilippot.com> 2022-05-20 23:27:24 +0200
committer: Armand Philippot <git@armandphilippot.com> 2022-05-21 19:24:48 +0200
commit: e305cbbdbc49af575e25957f6ab72ccf944339ec (patch)
tree: c2812813c03bf42665e821930a97ede86dfd93bb
parent: 802548124071039f83ebfa2605e839ded82b5689 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/next.config.js b/next.config.js
index fc35b57..872efe2 100644
--- a/next.config.js
+++ b/next.config.js
@@ -16,7 +16,7 @@ const contentSecurityPolicy = `
   font-src 'self';
   frame-src 'self';
   img-src 'self' ${backendDomain} secure.gravatar.com data:;
-  media-src 'self' data:;
+  media-src 'self' ${backendDomain} data:;
   script-src 'self' ${ackeeDomain} 'unsafe-inline' data:;
   style-src 'self' 'unsafe-inline';
 `;
@@ -28,7 +28,7 @@ const contentSecurityPolicyDev = `
   font-src 'self';
   frame-src 'self';
   img-src 'self' ${backendDomain} secure.gravatar.com data:;
-  media-src 'self' data:;
+  media-src 'self' ${backendDomain} data:;
   object-src 'self' data:;
   script-src 'self' ${ackeeDomain} 'unsafe-inline' 'unsafe-eval' data:;
   style-src 'self' 'unsafe-inline';
author	Armand Philippot <git@armandphilippot.com>	2022-05-20 23:27:24 +0200
committer	Armand Philippot <git@armandphilippot.com>	2022-05-21 19:24:48 +0200
commit	e305cbbdbc49af575e25957f6ab72ccf944339ec (patch)
tree	c2812813c03bf42665e821930a97ede86dfd93bb
parent	802548124071039f83ebfa2605e839ded82b5689 (diff)