From e305cbbdbc49af575e25957f6ab72ccf944339ec Mon Sep 17 00:00:00 2001
From: Armand Philippot <git@armandphilippot.com>
Date: Fri, 20 May 2022 23:27:24 +0200
Subject: fix: update CSP for media src

Some webm video was not loaded because of Content Security Policy.
---
 next.config.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'next.config.js')

diff --git a/next.config.js b/next.config.js
index fc35b57..872efe2 100644
--- a/next.config.js
+++ b/next.config.js
@@ -16,7 +16,7 @@ const contentSecurityPolicy = `
   font-src 'self';
   frame-src 'self';
   img-src 'self' ${backendDomain} secure.gravatar.com data:;
-  media-src 'self' data:;
+  media-src 'self' ${backendDomain} data:;
   script-src 'self' ${ackeeDomain} 'unsafe-inline' data:;
   style-src 'self' 'unsafe-inline';
 `;
@@ -28,7 +28,7 @@ const contentSecurityPolicyDev = `
   font-src 'self';
   frame-src 'self';
   img-src 'self' ${backendDomain} secure.gravatar.com data:;
-  media-src 'self' data:;
+  media-src 'self' ${backendDomain} data:;
   object-src 'self' data:;
   script-src 'self' ${ackeeDomain} 'unsafe-inline' 'unsafe-eval' data:;
   style-src 'self' 'unsafe-inline';
-- 
cgit v1.2.3