From d55eeb34925c023bc832c820313b0227a8df9443 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Rame=CC=81?= <thomas.rame@outlook.com>
Date: Mon, 9 Dec 2024 17:49:08 +0100
Subject: [PATCH] fix: safari is requiring a specific csp rule for crisp

---
 src/middleware.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/middleware.ts b/src/middleware.ts
index dc37c85..5238ab0 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -65,9 +65,9 @@ function formatSecurityHeaders(nonce?: string) {
       ' '
     )};object-src 'none';script-src ${`'nonce-${nonce}'`} ${scriptSrcValues.join(' ')};script-src-attr 'none';connect-src ${connectSrcValues.join(
       ' '
-    )};style-src-elem 'unsafe-inline' ${styleSrcValues.join(' ')};style-src-attr 'self' ${libraryCompatibilityWorkaround ? "'unsafe-inline'" : ''}${
-      upgradeInsecureRequests ? ';upgrade-insecure-requests' : ''
-    }`,
+    )};style-src ${styleSrcValues.join(' ')};style-src-elem 'unsafe-inline' ${styleSrcValues.join(' ')};style-src-attr 'self' ${
+      libraryCompatibilityWorkaround ? "'unsafe-inline'" : ''
+    }${upgradeInsecureRequests ? ';upgrade-insecure-requests' : ''}`,
     'Origin-Agent-Cluster': '?1',
     'Referrer-Policy': 'no-referrer',
     'Strict-Transport-Security': 'max-age=15552000; includeSubDomains',