From c707402be6ba03f7d02d28675e917e6cda275fc3 Mon Sep 17 00:00:00 2001
From: "Juan P. Prieto" <juanpablo.prieto@shopify.com>
Date: Mon, 13 Nov 2023 16:06:34 -0800
Subject: [PATCH] fix img-src CSP directive

fix CSP directive

.

.
---
 app/entry.server.tsx | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/entry.server.tsx b/app/entry.server.tsx
index 37f831b..b31bb76 100644
--- a/app/entry.server.tsx
+++ b/app/entry.server.tsx
@@ -13,11 +13,13 @@ export default async function handleRequest(
   // 1. Add the Rick & Morty CDN to the list of allowed image sources
   const {nonce, header, NonceProvider} = createContentSecurityPolicy({
     imgSrc: [
+      "'self'",
       'http://localhost:3000',
+      'https://*.o2.myshopify.dev',
       'data:',
       'https://cdn.shopify.com',
       'https://shopify.com',
-      'https://rickandmortyapi.com/api',
+      'https://rickandmortyapi.com/api/character',
     ],
   });