From 5584299d44d3dc7caa184b23d3853e2ea89d80ec Mon Sep 17 00:00:00 2001
From: code002lover <code002lover@ipost.rocks>
Date: Mon, 19 Jan 2026 16:20:55 +0100
Subject: [PATCH] fix CSP

---
 backend/src/security_headers.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/src/security_headers.rs b/backend/src/security_headers.rs
index 7e061dc..3c7419f 100644
--- a/backend/src/security_headers.rs
+++ b/backend/src/security_headers.rs
@@ -23,7 +23,7 @@ impl Fairing for SecurityHeaders {
         ));
         response.set_header(Header::new(
             "Content-Security-Policy",
-            "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none';",
+            "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none';",
         ));
         response.set_header(Header::new(
             "Permissions-Policy",