Allow linode and akamai first-party scripts in CSP

alertmybanjos · alertmybanjos · commit d909ba367980 · 2026-04-14T12:55:00.000-04:00
diff --git a/config/development/server.toml b/config/development/server.toml
@@ -6,7 +6,7 @@ X-Frame-Options = "DENY"
 X-XSS-Protection = "1; mode=block"
 X-Content-Type-Options = "nosniff"
 Referrer-Policy = "no-referrer"
-Content-Security-Policy = "script-src 'self' *.googletagmanager.com *.adobedtm.com *.trustarc.com *.weglot.com *.disqus.com 'unsafe-eval' 'unsafe-inline'"
+Content-Security-Policy = "script-src 'self' *.googletagmanager.com *.adobedtm.com *.trustarc.com *.weglot.com *.disqus.com *.linode.com *.akamai.com 'unsafe-eval' 'unsafe-inline'"
 
 [[headers]]
 for = "/**.{css,jpg,js}"
diff --git a/netlify.toml b/netlify.toml
@@ -54,7 +54,7 @@ X-Frame-Options = "DENY"
 X-XSS-Protection = "1; mode=block"
 X-Content-Type-Options = "nosniff"
 Referrer-Policy = "no-referrer"
-Content-Security-Policy = "script-src 'self' *.googletagmanager.com *.trustarc.com *.weglot.com *.disqus.com 'unsafe-eval' 'unsafe-inline'"
+Content-Security-Policy = "script-src 'self' *.googletagmanager.com *.trustarc.com *.weglot.com *.disqus.com *.linode.com *.akamai.com 'unsafe-eval' 'unsafe-inline'"
 
 [[redirects]]
 from = "/docs/blog/*"
