From 92b7ef40af003d7e91900b17dbf389a66e0349e2 Mon Sep 17 00:00:00 2001
From: Deluan <deluan@navidrome.org>
Date: Tue, 6 Oct 2020 11:24:59 -0400
Subject: [PATCH] Disable CSP for now

---
 server/middlewares.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/server/middlewares.go b/server/middlewares.go
index 6b72861ff..f4b335f8b 100644
--- a/server/middlewares.go
+++ b/server/middlewares.go
@@ -70,11 +70,11 @@ func robotsTXT(fs http.FileSystem) func(next http.Handler) http.Handler {
 
 func secureMiddleware() func(h http.Handler) http.Handler {
 	sec := secure.New(secure.Options{
-		ContentTypeNosniff:    true,
-		FrameDeny:             true,
-		ReferrerPolicy:        "same-origin",
-		FeaturePolicy:         "autoplay 'none'; camera: 'none'; display-capture 'none'; microphone: 'none'; usb: 'none'",
-		ContentSecurityPolicy: "script-src 'self' 'unsafe-inline'",
+		ContentTypeNosniff: true,
+		FrameDeny:          true,
+		ReferrerPolicy:     "same-origin",
+		FeaturePolicy:      "autoplay 'none'; camera: 'none'; display-capture 'none'; microphone: 'none'; usb: 'none'",
+		//ContentSecurityPolicy: "script-src 'self' 'unsafe-inline'",
 	})
 	return sec.Handler
 }