diff --git a/nginx.conf b/nginx.conf index c697f54d..5038c64f 100644 --- a/nginx.conf +++ b/nginx.conf @@ -26,11 +26,11 @@ http { server { set $CSP_DEFAULT "default-src 'self' blob:"; - set $CSP_SCRIPT "script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com accounts.google.com *.hotjar.com www.google-analytics.com cdn.logr-ingest.com"; + set $CSP_SCRIPT "script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com accounts.google.com connect.facebook.net *.hotjar.com www.google-analytics.com cdn.logr-ingest.com"; set $CSP_STYLE "style-src 'self' 'unsafe-hashes' 'unsafe-inline' ilhasoft.com.br accounts.google.com fonts.googleapis.com"; set $CSP_FONT "font-src 'self' data: fonts.gstatic.com"; set $CSP_IMAGE "img-src 'self' data: blob: www.google-analytics.com www.google.com.br www.googletagmanager.com *.amazonaws.com https://tile.openstreetmap.org"; - set $CSP_CONNECT "connect-src 'self' blob: *.weni.ai *.bothub.it www.google-analytics.com analytics.google.com *.hotjar.io wss://ws.hotjar.com https://cdn.plyr.io"; + set $CSP_CONNECT "connect-src 'self' blob: *.weni.ai *.bothub.it accounts.google.com www.google-analytics.com analytics.google.com *.hotjar.io wss://ws.hotjar.com https://cdn.plyr.io"; set $CSP_FRAME_SRC "frame-src 'self' *.weni.ai https://td.doubleclick.net"; set $CSP_WORKER_SRC "worker-src data: blob:"; set $CSP_FRAME_ANCESTORS "frame-ancestors 'self' *.weni.ai"; diff --git a/package.json b/package.json index 085c36d7..90913f34 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "weni-integrations", - "version": "2.2.8", + "version": "2.2.9", "private": true, "type": "module", "scripts": {