X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fplugs%2Fhttp_security_plug.ex;h=5f0b775bea9e1025b28bdbc03111308743f7c02a;hb=9a320ba8149a3efae1235b3b68dbf1bbad423e0d;hp=6593347caf2a6d8281e701fccaea64bcbca7c0f8;hpb=e2320f870e6ef4e8fc9f63282cbd459e819d740a;p=akkoma

diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
index 6593347ca..5f0b775be 100644
--- a/lib/pleroma/web/plugs/http_security_plug.ex
+++ b/lib/pleroma/web/plugs/http_security_plug.ex
@@ -111,8 +111,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
         ["connect-src 'self' blob: ", static_url, ?\s, websocket_url]
       end
 
-    style_src = "style-src 'self' '#{nonce_tag}'"
-    font_src = "font-src 'self' '#{nonce_tag}' data:"
+    style_src = "style-src 'self' 'unsafe-inline'"
+    font_src = "font-src 'self' data:"
 
     script_src =
       if Config.get(:env) == :dev do