From 0f81e0318e997b4d79043ab945eb716e1360a465 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Mon, 31 Mar 2025 05:05:59 -0400
Subject: [PATCH] Add utils.js to Docker build and update CSP with hash

---
 docker/resume/Caddyfile  | 4 ++--
 docker/resume/Dockerfile | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/docker/resume/Caddyfile b/docker/resume/Caddyfile
index f85a859..0dea582 100644
--- a/docker/resume/Caddyfile
+++ b/docker/resume/Caddyfile
@@ -25,8 +25,8 @@
         Cross-Origin-Resource-Policy "same-origin"
         Cross-Origin-Opener-Policy "same-origin"
         
-        # Simplified CSP for static content
-        Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
+        # CSP with hash for utils.js and nonce for inline scripts
+        Content-Security-Policy "default-src 'none'; script-src 'self' 'sha256-ryQsJ+aghKKD/CeXgx8jtsnZT3Epp3EjIw8RyHIq544='; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
     }
 
     # Handle 404s
diff --git a/docker/resume/Dockerfile b/docker/resume/Dockerfile
index 868fa2e..715baa0 100644
--- a/docker/resume/Dockerfile
+++ b/docker/resume/Dockerfile
@@ -4,6 +4,7 @@ FROM caddy:2-alpine
 COPY Caddyfile /etc/caddy/Caddyfile
 COPY index.html /srv/
 COPY theme.js /srv/
+COPY utils.js /srv/
 COPY styles.css /srv/
 
 # Expose port 8080