From 86d7fdc8d084808ce35ff497615327178305e830 Mon Sep 17 00:00:00 2001
From: fwcd <fwcd@fwcd.dev>
Date: Sun, 18 Aug 2024 21:22:14 +0200
Subject: [PATCH] Netlify: Add MathJax to the Content-Security-Policy

---
 netlify.toml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/netlify.toml b/netlify.toml
index ba5594842f..35760da8f8 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -26,7 +26,8 @@
     # also specified inline, and unsafe inline JS script blocks are allowed
     # because it's needed for RTD theme navigation and the search function:
     # https://github.com/readthedocs/sphinx_rtd_theme/issues/817
-    Content-Security-Policy = "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'"
+    # We also allow loading MathJax, which is needed to render math formulas.
+    Content-Security-Policy = "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' https://cdn.jsdelivr.net/npm/mathjax@3/ 'unsafe-inline'; font-src 'self' https://cdn.jsdelivr.net/npm/mathjax@3/"
 
     # Disable all browser features that we don't need. Unfortunately
     # there is no way to specify a default for all directives yet, so