From e580093a345d3dd91b6cb291f87ba994ede52b9c Mon Sep 17 00:00:00 2001
From: James Cole <james@firefly-iii.org>
Date: Thu, 8 Apr 2021 12:05:08 +0200
Subject: [PATCH] Weird headers.

---
 app/Http/Middleware/SecureHeaders.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Middleware/SecureHeaders.php b/app/Http/Middleware/SecureHeaders.php
index e1bc4ea3a6..82bf301873 100644
--- a/app/Http/Middleware/SecureHeaders.php
+++ b/app/Http/Middleware/SecureHeaders.php
@@ -54,7 +54,7 @@ class SecureHeaders
             "default-src 'none'",
             "object-src 'self'",
             sprintf("script-src 'unsafe-inline' 'nonce-%1s' %2s", $nonce, $trackingScriptSrc),
-            "frame-ancestors 'none'",
+            "style-src 'self' 'unsafe-inline'",
             "base-uri 'self'",
             "font-src 'self' data:",
             "connect-src 'self'",