From 83ae204a1ce88c900995537e05a35adc043675bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Elif=20Meri=C3=A7?= <elifmeric@sabanciuniv.edu>
Date: Tue, 5 Nov 2024 09:17:27 +0300
Subject: [PATCH] Add frame-ancestor and cloudflare insights to CSP

---
 package-lock.json | 4 ++--
 package.json      | 2 +-
 src/prpl.ts       | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index fb703e9..6a5ba9a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@migroscomtr/prpl-server",
-  "version": "1.4.56",
+  "version": "1.4.57",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "@migroscomtr/prpl-server",
-      "version": "1.4.56",
+      "version": "1.4.57",
       "license": "BSD-3-Clause",
       "dependencies": {
         "ansi-escape-sequences": "^5.1.2",
diff --git a/package.json b/package.json
index 2a01511..46f4b8c 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@migroscomtr/prpl-server",
-  "version": "1.4.56",
+  "version": "1.4.57",
   "description": "A Node implementation of the PRPL pattern for serving Progressive Web Apps",
   "repository": "git@github.com:migroscomtr/prpl-server.git",
   "main": "lib/prpl.js",
diff --git a/src/prpl.ts b/src/prpl.ts
index 5661adf..4eb8ec2 100644
--- a/src/prpl.ts
+++ b/src/prpl.ts
@@ -294,7 +294,7 @@ export function makeHandler(root?: string, config?: Config): (
         + "font-src 'self' data: https://fonts.gstatic.com ; "
         + `img-src data: blob: 'self' 'unsafe-inline' https://*.migrosone.com ${imageSrcAllowedHosts.join(' ')} ; `
         + `frame-src ${frameSrcAllowedHosts.join(' ')} ; `
-        + "frame-ancestor 'self https://*.migros.com.tr"
+        + "frame-ancestors 'self' https://*.migros.com.tr ; "
         + `style-src 'self' 'unsafe-inline' ${styleSrcAllowedHosts.join(' ')} ;`
         + `manifest-src 'self' ; `
         + "worker-src 'self' blob: ;"