From efaa4b6901a9c44dd0ee8682653e81b5c6df1e71 Mon Sep 17 00:00:00 2001
From: Timo Bejan <timo.bejan.ext@iqser.com>
Date: Wed, 10 Nov 2021 11:38:45 +0200
Subject: [PATCH] csp attempt 3

---
 angular.json                   | 9 ++++++++-
 docker/common/nginx/nginx.conf | 2 +-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/angular.json b/angular.json
index e025a6a56..6706ca3d2 100644
--- a/angular.json
+++ b/angular.json
@@ -139,7 +139,14 @@
                   "with": "apps/red-ui/src/environments/environment.prod.ts"
                 }
               ],
-              "optimization": true,
+              "optimization": {
+                "scripts": true,
+                "styles": {
+                  "minify": true,
+                  "inlineCritical": false
+                },
+                "fonts": true
+              },
               "outputHashing": "all",
               "sourceMap": false,
               "namedChunks": false,
diff --git a/docker/common/nginx/nginx.conf b/docker/common/nginx/nginx.conf
index 2dae6cea2..df4460762 100644
--- a/docker/common/nginx/nginx.conf
+++ b/docker/common/nginx/nginx.conf
@@ -6,7 +6,7 @@ server {
   root /usr/share/nginx/html;
   # SSL stuff for cloudflare proxy-ing - ignores SSL certificate and uses SNI
 
-  # add_header Content-Security-Policy "default-src 'self'; style-src 'unsafe-inline' 'self'; script-src 'self'";
+  add_header Content-Security-Policy "default-src 'self'; style-src 'unsafe-inline' 'self';";
 
 
   proxy_ssl_verify off;