From ad0cd8bf0fe4bc5dc661f76dd9d37a715e6e7a22 Mon Sep 17 00:00:00 2001
From: Aakash Singh <mail@singhaakash.dev>
Date: Wed, 24 Jan 2024 20:24:12 +0530
Subject: [PATCH 1/2] relax csp for styles and connect urls

---
 netlify.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/netlify.toml b/netlify.toml
index f2e39df3dff..8ec21b0849e 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -27,8 +27,8 @@ status = 200
     Content-Security-Policy = '''
       default-src 'self';
       script-src 'self' 'nonce-f51b9742' https://plausible.10bedicu.in;
-      style-src 'self' 'nonce-7e14cf80';
-      connect-src 'self' ws: wss: https://sentry.io https://plausible.10bedicu.in https://api.data.gov.in https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
+      style-src 'self' 'unsafe-inline';
+      connect-src *;
       img-src 'self' blob: data: https://cdn.coronasafe.network https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
       media-src 'self' blob: data: https://cdn.coronasafe.network https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
       object-src 'self' blob: https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;

From a2bf4e253439e574aa805420450e5a752de64c46 Mon Sep 17 00:00:00 2001
From: Ashesh <3626859+Ashesh3@users.noreply.github.com>
Date: Wed, 24 Jan 2024 21:42:52 +0530
Subject: [PATCH 2/2] Allow media-src: * to resolve playback issues on iPhone

---
 netlify.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/netlify.toml b/netlify.toml
index 8ec21b0849e..7485457678a 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -30,6 +30,6 @@ status = 200
       style-src 'self' 'unsafe-inline';
       connect-src *;
       img-src 'self' blob: data: https://cdn.coronasafe.network https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
-      media-src 'self' blob: data: https://cdn.coronasafe.network https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
+      media-src *;
       object-src 'self' blob: https://egov-s3-facility-10bedicu.s3.amazonaws.com https://egov-s3-patient-data-10bedicu.s3.amazonaws.com;
       '''