From fd3841c03f264a1563e8c7faa55dbf0dcca50993 Mon Sep 17 00:00:00 2001
From: a-roberts <aroberts@uk.ibm.com>
Date: Tue, 21 Apr 2020 15:53:01 +0100
Subject: [PATCH] Add unsafe inline and blob to CSP

---
 webpack.common.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webpack.common.js b/webpack.common.js
index a9cbffb89..b1c0f1328 100644
--- a/webpack.common.js
+++ b/webpack.common.js
@@ -17,7 +17,7 @@ const contentSecurityPolicy = {
   development:
     "default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-eval'; style-src blob:; connect-src 'self'; font-src 'self' https://fonts.gstatic.com;",
   production:
-    "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; connect-src 'self'; font-src 'self' https://fonts.gstatic.com;"
+    "default-src 'none'; img-src 'self'; script-src 'self' blob:; style-src 'self' 'unsafe-inline'; connect-src 'self'; font-src 'self' https://fonts.gstatic.com;"
 };
 
 module.exports = ({ mode }) => ({