From 80a1bb0dff79c7abbd1203be9d394ef3be37a0c1 Mon Sep 17 00:00:00 2001
From: xbpcb <ch.kyrill@gmail.com>
Date: Wed, 15 Nov 2023 13:54:42 +0200
Subject: [PATCH] Fix the security policy issue with the new analytics script
 (#1809)

* HelmetCsp: fix connectSrc for analytics script

* Fix linter issue
---
 config/helmet-csp.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/config/helmet-csp.js b/config/helmet-csp.js
index 9b63dde97..4e5987270 100644
--- a/config/helmet-csp.js
+++ b/config/helmet-csp.js
@@ -62,7 +62,8 @@ const CSP = {
     connectSrc: [
         'syndication.twitter.com',
         'https://api.github.com/repos/jsdelivr/bootstrapcdn',
-        'https://stats.g.doubleclick.net'
+        'https://stats.g.doubleclick.net',
+        'https://datum.jsdelivr.com/api/event'
     ],
     objectSrc: ['img.shields.io'],
     manifestSrc: ['\'self\'']