From 191275669602054ab62b3fefd62a85815f4c0a7d Mon Sep 17 00:00:00 2001
From: Caroline <4971715+carolineBda@users.noreply.github.com>
Date: Thu, 17 Oct 2024 09:11:23 +0200
Subject: [PATCH] =?UTF-8?q?fix(csp=20config):=20retrait=20de=20la=20r?=
 =?UTF-8?q?=C3=A8gle=20"data:"=20(#6218)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 packages/code-du-travail-frontend/next.config.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/code-du-travail-frontend/next.config.mjs b/packages/code-du-travail-frontend/next.config.mjs
index 309d9e0010..b0e8f44d81 100644
--- a/packages/code-du-travail-frontend/next.config.mjs
+++ b/packages/code-du-travail-frontend/next.config.mjs
@@ -2,7 +2,7 @@ import { withSentryConfig } from "@sentry/nextjs";
 import MappingReplacement from "./redirects.json" assert { type: "json" };
 
 const ContentSecurityPolicy = `
-img-src 'self' https://travail-emploi.gouv.fr https://www.service-public.fr https://cdtn-prod-public.s3.gra.io.cloud.ovh.net https://matomo.fabrique.social.gouv.fr data:;
+img-src 'self' https://travail-emploi.gouv.fr https://www.service-public.fr https://cdtn-prod-public.s3.gra.io.cloud.ovh.net https://matomo.fabrique.social.gouv.fr;
 script-src 'self' https://mon-entreprise.urssaf.fr https://matomo.fabrique.social.gouv.fr https://tally.so ${
   process.env.NEXT_PUBLIC_APP_ENV !== "production" ? "'unsafe-eval'" : ""
 };