From bca79f09fcfe71c242912de17bf291ba7bfdcada Mon Sep 17 00:00:00 2001
From: jlenon7 <lenonSec7@gmail.com>
Date: Sat, 4 Jan 2025 16:30:38 -0300
Subject: [PATCH] chore(view): disable csp

---
 package-lock.json       | 4 ++--
 package.json            | 2 +-
 src/context/Response.ts | 7 +++++--
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 9aba4d5..4f832f8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@athenna/http",
-  "version": "5.15.0",
+  "version": "5.16.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@athenna/http",
-      "version": "5.15.0",
+      "version": "5.16.0",
       "license": "MIT",
       "devDependencies": {
         "@athenna/artisan": "^5.3.0",
diff --git a/package.json b/package.json
index 871b638..9ae1c56 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@athenna/http",
-  "version": "5.15.0",
+  "version": "5.16.0",
   "description": "The Athenna Http server. Built on top of fastify.",
   "license": "MIT",
   "author": "João Lenon <lenon@athenna.io>",
diff --git a/src/context/Response.ts b/src/context/Response.ts
index bf2c51b..8f70353 100644
--- a/src/context/Response.ts
+++ b/src/context/Response.ts
@@ -122,9 +122,12 @@ export class Response {
       .share({ request: this.request })
       .render(view, data)
 
-    await this.safeHeader('Content-Type', 'text/html; charset=utf-8').send(
-      content
+    await this.header(
+      'Content-Security-Policy',
+      "default-src 'self' 'unsafe-inline'"
     )
+      .safeHeader('Content-Type', 'text/html; charset=utf-8')
+      .send(content)
 
     this.response.body = content