From d5fc3b885293f8f6923c70b2b5ea22a03b201864 Mon Sep 17 00:00:00 2001
From: toufic ar <contact@toufy.me>
Date: Wed, 4 Mar 2026 04:03:03 +0200
Subject: [PATCH] remove upgrade-insecure-requests csp

---
 config/http/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/http/default.nix b/config/http/default.nix
index f375475..474c18f 100644
--- a/config/http/default.nix
+++ b/config/http/default.nix
@@ -35,7 +35,7 @@ in {
           https   "max-age=31536000; includeSubdomains; preload";
       }
       more_set_headers 'Strict-Transport-Security: $hsts_header';
-      more_set_headers 'Content-Security-Policy: upgrade-insecure-requests; default-src "self"';
+      more_set_headers 'Content-Security-Policy: default-src "self"';
       more_set_headers 'Referrer-Policy: origin-when-cross-origin';
       more_set_headers 'X-Frame-Options: DENY';
       more_set_headers 'X-Content-Type-Options: nosniff';