From 973c05b33327c1a3f58cf2b8554a6bb4710676a0 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Fri, 24 Nov 2023 09:07:20 +0100
Subject: [PATCH] Deactivated content security policy for tracking

---
 .../nginx-matomo-tracking/templates/matomo-tracking.conf.j2  | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2 b/roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2
index 47fa3357..4ea8f5dc 100644
--- a/roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2
+++ b/roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2
@@ -1,6 +1,5 @@
-# Add CSP header
-more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self' https://matomo.{{top_domain}}; script-src 'self' 'unsafe-inline' https://matomo.{{top_domain}};";
-
+# Deactivate CSP header
+more_set_headers "Content-Security-Policy: ";
 
 # sub filters to integrate matomo tracking code in nginx websites
 sub_filter '</head>' '<script>{{matomo_tracking_code_one_liner}}</script></head>';