From 63f7e0cc4cae65b01449298134842f1652e25c27 Mon Sep 17 00:00:00 2001
From: Zias van Nes
Date: Tue, 7 Oct 2025 14:41:17 +0200
Subject: [PATCH] fix:csp issue
---
 src/hooks.server.ts | 17 +++++++++--------
 src/service-worker.ts | 19 ++++++++++---------
 2 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 1298ce3..2d8c0d4 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -46,14 +46,15 @@ export const handle: Handle = async ({ event, resolve }) => {
 response.headers.set(
 'Content-Security-Policy',
 "default-src 'self'; " +
- "script-src 'self' 'unsafe-inline' 'unsafe-eval'; " +
- "style-src 'self' 'unsafe-inline' fonts.googleapis.com; " +
- "font-src 'self' fonts.gstatic.com; " +
- "img-src 'self' data: blob: *.openstreetmap.org *.tile.openstreetmap.org; " +
- "connect-src 'self' *.openstreetmap.org; " +
- "frame-ancestors 'none'; " +
- "base-uri 'self'; " +
- "form-action 'self';"
+ "script-src 'self' 'unsafe-inline' 'unsafe-eval'; " +
+ "worker-src 'self' blob:; " +
+ "style-src 'self' 'unsafe-inline' fonts.googleapis.com; " +
+ "font-src 'self' fonts.gstatic.com; " +
+ "img-src 'self' data: blob: *.openstreetmap.org *.tile.openstreetmap.org; " +
+ "connect-src 'self' *.openstreetmap.org; " +
+ "frame-ancestors 'none'; " +
+ "base-uri 'self'; " +
+ "form-action 'self';"
 );
 response.headers.set('X-Frame-Options', 'DENY');
diff --git a/src/service-worker.ts b/src/service-worker.ts
index dd710c9..6ec9851 100644
--- a/src/service-worker.ts
+++ b/src/service-worker.ts
@@ -26,11 +26,7 @@ const ASSETS = [
 ];
 // Assets to precache for better performance
-const CRITICAL_ASSETS = [
- '/cafe-bg-compressed.jpg',
- '/fonts/Washington.ttf',
- '/logo.svg'
-];
+const CRITICAL_ASSETS = ['/cafe-bg-compressed.jpg', '/fonts/Washington.ttf', '/logo.svg'];
 self.addEventListener('install', (event) => {
 // Create a new cache and add all files to it
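Review bot: The new `worker-src 'self' blob:` directive in the CSP string of `src/hooks.server.ts` permits any worker created from a blob URL, and nothing in the hunk records which dependency needs that; the service worker in `src/service-worker.ts` is served from the same origin and should already be covered by `'self'`. If `blob:` is required (presumably for a library that builds its web workers from blob URLs), say so next to the directive, for example `// blob: needed by <library name> for its web workers`, so the allowance can be removed together with that dependency. The re-added `script-src` line still carries `'unsafe-inline' 'unsafe-eval'`, which leaves the policy with little value against script injection; SvelteKit's `kit.csp` option in `svelte.config.js` can emit nonces or hashes for the framework's own inline scripts, which would allow `'unsafe-inline'` to be dropped. The body of `handle` starts and ends outside the hunk.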
@@ -47,7 +43,12 @@ self.addEventListener('install', (event) => {
 try {
 const response = await fetch(asset);
 if (response.ok) {
- if (asset.includes('jpg') || asset.includes('jpeg') || asset.includes('png') || asset.includes('webp')) {
+ if (
+ asset.includes('jpg') ||
+ asset.includes('jpeg') ||
+ asset.includes('png') ||
+ asset.includes('webp')
+ ) {
 await imageCache.put(asset, response);
 } else {
 await cache.put(asset, response);
@@ -163,9 +164,9 @@ self.addEventListener('fetch', (event) => {
 } catch (err) {
 // Try all caches for fallback
 const cachedResponse =
- await cache.match(event.request) ||
- await runtimeCache.match(event.request) ||
- await imageCache.match(event.request);
+ (await cache.match(event.request)) ||
+ (await runtimeCache.match(event.request)) ||
+ (await imageCache.match(event.request));
 if (cachedResponse) {
 return cachedResponse;