From c0942718928f62e2fd33a723ebe46ea49c85fa24 Mon Sep 17 00:00:00 2001
From: Matteo Gheza <matteo.gheza07@gmail.com>
Date: Sun, 27 Jun 2021 01:43:50 +0200
Subject: [PATCH] Fix2

---
 server/core.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/core.php b/server/core.php
index bece6f0..376aada 100644
--- a/server/core.php
+++ b/server/core.php
@@ -921,7 +921,7 @@ function init_class($enableDebugger=true, $headers=true)
 
     if($headers) {
         //TODO adding require-trusted-types-for 'script';
-        $script_nonce_csp = (defined("UI_MODE") && get_option("enable_js_nonce")) ? "'nonce-{$tools->script_nonce}' " : "";
+        $script_nonce_csp = (defined("UI_MODE") && get_option("enable_js_nonce")) ? "'nonce-{$tools->script_nonce}' " : "'unsafe-inline' ";
         $csp_rules = [
             "default-src 'self' data: *.tile.openstreetmap.org nominatim.openstreetmap.org",
             "connect-src 'self' *.sentry.io nominatim.openstreetmap.org",