From ddb4b3518193cb833c37891e1420d8ac60b95dbf Mon Sep 17 00:00:00 2001
From: Ankit Patial <ankitpatial@gmail.com>
Date: Sun, 18 May 2025 22:48:11 +0530
Subject: [PATCH] helmet.go removed wildcard directive.

---
 middleware/helmet.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/middleware/helmet.go b/middleware/helmet.go
index d8267ba..104cd36 100644
--- a/middleware/helmet.go
+++ b/middleware/helmet.go
@@ -268,7 +268,7 @@ func (csp *CSP) value() string {
 
 	sb.WriteString(fmt.Sprintf(
 		"style-src %s; ",
-		cspNormalised(csp.StyleSrc, []string{"self", "https:", "unsafe-inline"}),
+		cspNormalised(csp.StyleSrc, []string{"self", "unsafe-inline"}),
 	))
 
 	sb.WriteString(fmt.Sprintf(
@@ -288,7 +288,7 @@ func (csp *CSP) value() string {
 
 	sb.WriteString(fmt.Sprintf(
 		"font-src %s; ",
-		cspNormalised(csp.FontSrc, []string{"self", "https:", "data:"}),
+		cspNormalised(csp.FontSrc, []string{"self", "data:"}),
 	))
 
 	sb.WriteString(fmt.Sprintf(