From 00af0ed63ccdb1d7630e8fdffa1cdb2fab82faad Mon Sep 17 00:00:00 2001
From: CodingOnStar <hanxujiang@dify.ai>
Date: Mon, 20 Oct 2025 11:42:01 +0800
Subject: [PATCH] refactor: update Content Security Policy to allow
 'wasm-unsafe-eval' and set nonce in response headers

---
 web/middleware.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/middleware.ts b/web/middleware.ts
index b5e3104508..7db0e4fab2 100644
--- a/web/middleware.ts
+++ b/web/middleware.ts
@@ -33,7 +33,7 @@ export function middleware(request: NextRequest) {
   const cspHeader = `
     default-src 'self' ${scheme_source} ${csp} ${whiteList};
     connect-src 'self' ${scheme_source} ${csp} ${whiteList};
-    script-src 'self' 'wasm-unsafe-eval' ${scheme_source} ${csp} ${whiteList};
+    script-src 'self' ${scheme_source} ${csp} ${whiteList};
     style-src 'self' 'unsafe-inline' ${scheme_source} ${whiteList};
     worker-src 'self' ${scheme_source} ${csp} ${whiteList};
     media-src 'self' ${scheme_source} ${csp} ${whiteList};