From 6ff2d80d58bb2f0d95311377b317448afd5d4be2 Mon Sep 17 00:00:00 2001
From: Kait Sewell <36549923+K8Sewell@users.noreply.github.com>
Date: Fri, 6 Dec 2024 15:58:16 -0600
Subject: [PATCH] Allow style attribute (#1076)

---
 config/initializers/content_security_policy.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 0803b90a..4f45d4bc 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -15,6 +15,7 @@
       policy.script_src_attr  :self, :unsafe_inline, 'www.googletagmanager.com'
       policy.script_src_elem  :self, :unsafe_inline, 'siteimproveanalytics.com www.googletagmanager.com'
       policy.style_src :self, :unsafe_inline
+      policy.style_src_attr :self, :unsafe_inline
       policy.style_src_elem :self, :unsafe_inline, "#{ENV['IIIF_IMAGE_BASE_URL']}/"
       policy.connect_src :self, "banner.library.yale.edu www.google-analytics.com #{ENV['IIIF_IMAGE_BASE_URL']}/"