Reduce CSP

gatsby-config.ts

@@ -253,7 +253,7 @@ const configuration: GatsbyConfig = {
                 mergeSecurityHeaders: false,
                 headers: {
                     "/*": [
-                        "Content-Security-Policy: connect-src 'self' https://github.githubassets.com; default-src 'self'; font-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self'; img-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com; media-src 'self'; object-src 'none'; script-src 'self' https://github.githubassets.com 'unsafe-inline'; style-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; worker-src 'self'; report-uri https://giladpeleg.report-uri.com/r/d/csp/enforce; report-to default;",
+                        "Content-Security-Policy: base-uri 'self'; connect-src 'self' https://github.githubassets.com; default-src 'self'; font-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self'; img-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com; media-src 'self'; object-src 'none'; script-src 'self' https://github.githubassets.com 'unsafe-inline'; style-src 'self' data: https://github.githubassets.com https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; worker-src 'self'; report-uri https://giladpeleg.report-uri.com/r/d/csp/enforce; report-to default;",
                         "Permissions-Policy: fullscreen=(self)",
                         "Referrer-Policy: no-referrer-when-downgrade",
                         `Report-To: '{"group":"default","max_age":31536000,"endpoints":[{"url":"https://giladpeleg.report-uri.com/a/d/g"}],"include_subdomains":true}'`,