From be700fefc3628392205abeabff9a8e4f41c4ed1b Mon Sep 17 00:00:00 2001
From: Tomas Kracmar <tomas.kracmar@cqre.net>
Date: Mon, 27 Apr 2026 10:32:35 +0200
Subject: [PATCH] hotfix(v1.7.10): add font-src to CSP for data URI fonts

---
 VERSION         | 2 +-
 backend/main.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/VERSION b/VERSION
index f65dc1e..a412349 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.7.9
+1.7.10
diff --git a/backend/main.py b/backend/main.py
index e3f9017..9ff688b 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -97,7 +97,8 @@ async def cache_control_middleware(request: Request, call_next):
             "connect-src 'self' https://login.microsoftonline.com; "
             "frame-src 'self' https://login.microsoftonline.com; "
             "form-action 'self' https://login.microsoftonline.com; "
-            "img-src 'self' data:;"
+            "img-src 'self' data:; "
+            "font-src 'self' data:;"
         )
     return response