From 0c22fe9577935dd95e119e5030162eaa73ea2104 Mon Sep 17 00:00:00 2001
From: Jonatan Nilsson <jonatan@nilsson.is>
Date: Thu, 12 May 2022 16:44:37 +0000
Subject: [PATCH] Final fix unit tests

---
 test/flaska.api.test.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/flaska.api.test.mjs b/test/flaska.api.test.mjs
index 91745bd..af49f9a 100644
--- a/test/flaska.api.test.mjs
+++ b/test/flaska.api.test.mjs
@@ -125,7 +125,7 @@ t.describe('#_nonce', function() {
     
     assert.strictEqual(ctx.headers['Server'], 'Flaska')
     assert.strictEqual(ctx.headers['X-Content-Type-Options'], 'nosniff')
-    assert.strictEqual(ctx.headers['Content-Security-Policy'], `default-src 'self'; style-src 'self' 'unsafe-inline' 'nonce-${ctx.state.nonce}'; img-src * data: blob:; object-src 'none'; frame-ancestors 'none'; script-src 'nonce-${ctx.state.nonce}'`)
+    assert.strictEqual(ctx.headers['Content-Security-Policy'], `default-src 'self'; style-src 'self' 'unsafe-inline' 'nonce-${ctx.state.nonce}'; img-src * data: blob:; font-src 'self' data:; object-src 'none'; frame-ancestors 'none'; script-src 'nonce-${ctx.state.nonce}'`)
     assert.strictEqual(ctx.headers['Cross-Origin-Opener-Policy'], 'same-origin')
     assert.strictEqual(ctx.headers['Cross-Origin-Resource-Policy'], 'same-origin')
     assert.strictEqual(ctx.headers['Cross-Origin-Embedder-Policy'], 'require-corp')