From 7903f50723ca8cd178c422749173c6c04bd0865a Mon Sep 17 00:00:00 2001
From: ozwaldorf <self@ossian.dev>
Date: Sat, 12 Oct 2024 10:50:13 -0400
Subject: [PATCH] feat: allow inline style in csp

---
 src/main.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/main.rs b/src/main.rs
index 83ac20f..9b535f7 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -59,7 +59,7 @@ fn main(req: Request) -> Result<Response, Error> {
     // - deny all frame ancestors
     res.set_header(
         header::CONTENT_SECURITY_POLICY,
-        "default-src *; object-src 'none'; script-src 'none'; frame-ancestors 'none'",
+        "default-src *; style-src * 'unsafe-inline'; object-src 'none'; script-src 'none'; frame-ancestors 'none'",
     );
 
     Ok(res)
@@ -167,6 +167,12 @@ fn handle_get(req: Request) -> Result<Response, Error> {
     <head>
         <title>no bs pastebin</title>
     </head>
+    <style>
+        body {
+            color: #f4f4f4;
+            background-color: #0b0b0b;
+        }
+    </style>
     <body>
         <pre>"
                         .to_string()