From fba1fd99c2ee47f356eb6b812f0d3c70aa5bfa04 Mon Sep 17 00:00:00 2001
From: Usman Baig <mubaig@pm.me>
Date: Sun, 1 Mar 2026 15:44:10 +0100
Subject: [PATCH] fix: add favicon domains to connect-src for service worker
 compatibility

The PWA service worker (workbox) fetches images via the Fetch API, which
is governed by connect-src, not img-src. Add www.google.com, *.gstatic.com,
and ciphera.net to connect-src so favicon and app icon fetches succeed.
---
 next.config.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/next.config.ts b/next.config.ts
index 694203d..25cc58f 100644
--- a/next.config.ts
+++ b/next.config.ts
@@ -14,7 +14,7 @@ const cspDirectives = [
   "style-src 'self' 'unsafe-inline'",
   "img-src 'self' data: blob: https://www.google.com https://*.gstatic.com https://ciphera.net",
   "font-src 'self'",
-  `connect-src 'self' https://*.ciphera.net https://cdn.jsdelivr.net${process.env.NODE_ENV === 'development' ? ' http://localhost:*' : ''}`,
+  `connect-src 'self' https://*.ciphera.net https://ciphera.net https://www.google.com https://*.gstatic.com https://cdn.jsdelivr.net${process.env.NODE_ENV === 'development' ? ' http://localhost:*' : ''}`,
   "worker-src 'self'",
   "frame-src 'none'",
   "object-src 'none'",