From d79868c45ed0325b4ebe580929d88d7f1d89083a Mon Sep 17 00:00:00 2001
From: Andrew Simonson <asimonson1125@gmail.com>
Date: Sun, 29 Jan 2023 18:13:01 -0600
Subject: [PATCH] allow eval to be used in container

---
 flask.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/flask.conf b/flask.conf
index 218e6d6..2273c74 100644
--- a/flask.conf
+++ b/flask.conf
@@ -7,7 +7,7 @@ server {
     listen      8080;
     server_name asimonson.com;
 
-    add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' *.cloudflare.com *.chesscomfiles.com *.chess.com *.googletagmanager.com cdn.jsdelivr.net www.google-analytics.com ajax.googleapis.com;";
+    add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.chesscomfiles.com *.chess.com *.googletagmanager.com cdn.jsdelivr.net www.google-analytics.com ajax.googleapis.com;";
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
     add_header X-Content-Type-Options 'nosniff';
     add_header X-Frame-Options 'SAMEORIGIN';