From e0468c421d615174e08bb2b1651b3d0e56eff894 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski <contact@cpluspatch.com>
Date: Sun, 5 May 2024 23:00:15 -1000
Subject: [PATCH] fix: :bug: Fix form-action CSP

---
 nuxt.config.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nuxt.config.ts b/nuxt.config.ts
index 1855b2c..73f5511 100644
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@@ -21,6 +21,8 @@ export default defineNuxtConfig({
             contentSecurityPolicy: {
                 "img-src": ["'self'", "data:", "https:"],
                 "script-src": ["'nonce-{{nonce}}'", "'strict-dynamic'"],
+                // Add https because of some browsers blocking form-action to 'self' if the page is from a redirect
+                "form-action": ["'self'", "https:"],
             },
             crossOriginResourcePolicy: "same-origin",
             xFrameOptions: "DENY",