From 6bc4d48686de92e0bce074bb14962cd360082b81 Mon Sep 17 00:00:00 2001
From: Jarold Wong
Date: Wed, 3 Apr 2024 17:01:34 -0700
Subject: [PATCH] add connect-src
---
 nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nginx.conf b/nginx.conf
index 2570ed9db..8f3e80da6 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -39,7 +39,7 @@ http {
 index index.html index.htm;
 add_header Cache-Control "no-cache";
- add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
+ add_header Content-Security-Policy "default-src 'self'; connect-src 'api.ipa.ucdavis.edu'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
 add_header X-Content-Type-Options "nosniff";
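Review bot: The host in the added `connect-src 'api.ipa.ucdavis.edu'` is wrapped in single quotes, which CSP reserves for keywords, nonces and hashes. A quoted hostname is not a valid source expression, so browsers discard it and the directive is left with no usable source, blocking fetch/XHR/WebSocket traffic to the API rather than allowing it. Because an explicit `connect-src` replaces the `default-src 'self'` fallback for connections, same-origin requests also stop being allowed unless `'self'` is listed. I would write it as `connect-src 'self' https://api.ipa.ucdavis.edu;`, dropping `'self'` only if the app never calls its own origin. The enclosing `http`/server block starts and ends outside the hunk, so it is not visible here whether a nested `add_header` level replaces these headers for some locations.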