Remove CSP "Upgrade Insecure Requests" Header

libreddit · Jan 4, 2021 · f819ad2 · f819ad2
1 parent f5884a5
commit f819ad2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/templates/base.html b/templates/base.html
@@ -4,7 +4,7 @@
 		{% block head %}
 		<title>{% block title %}Libreddit{% endblock %}</title>
 		<meta http-equiv="Referrer-Policy" content="no-referrer">
-		<meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; form-action 'self'; upgrade-insecure-requests">
+		<meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; form-action 'self';">
 		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 		<meta name="description" content="View on Libreddit, an alternative private front-end to Reddit.">
 		<meta name="viewport" content="width=device-width, initial-scale=1.0">