From e91903fed2e24bae4c0a7f3e6275d01487dd1076 Mon Sep 17 00:00:00 2001
From: James Cole <james@firefly-iii.org>
Date: Sun, 10 Mar 2024 16:47:59 +0100
Subject: [PATCH] Different orderRemove self

---
 app/Http/Middleware/SecureHeaders.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Middleware/SecureHeaders.php b/app/Http/Middleware/SecureHeaders.php
index 7ca3ef12c2..3a42618c99 100644
--- a/app/Http/Middleware/SecureHeaders.php
+++ b/app/Http/Middleware/SecureHeaders.php
@@ -55,7 +55,7 @@ class SecureHeaders
             "base-uri 'self'",
             "font-src 'self' data:",
             sprintf("connect-src 'self' %s", $trackingScriptSrc),
-            sprintf("img-src 'strict-dynamic' 'nonce-%1s'", $nonce),
+            sprintf("img-src 'self' 'strict-dynamic' 'nonce-%1s'", $nonce),
             "manifest-src 'self'",
         ];