From 8c336ebf811744cc84cb3874c85ef38d3b21471b Mon Sep 17 00:00:00 2001
From: colin <colin@nixc.us>
Date: Thu, 3 Jul 2025 19:13:56 -0400
Subject: [PATCH] Fix button icons by adding Bootstrap Icons CSS and updating
 CSP to allow CDN resources

---
 docker/ploughshares/app.py              | 4 ++--
 docker/ploughshares/templates/base.html | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/docker/ploughshares/app.py b/docker/ploughshares/app.py
index 6c3a3f9..997630f 100644
--- a/docker/ploughshares/app.py
+++ b/docker/ploughshares/app.py
@@ -59,9 +59,9 @@ if CSP_CUSTOM_CSS_HASH:
 csp = {
     'default-src': ["'self'", "'unsafe-inline'", "'unsafe-eval'", "data:", "blob:"],
     'script-src': ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
-    'style-src': ["'self'", "'unsafe-inline'"],
+    'style-src': ["'self'", "'unsafe-inline'", "cdn.jsdelivr.net"],
     'img-src': ["'self'", "data:", "blob:"],
-    'font-src': ["'self'", "data:"],
+    'font-src': ["'self'", "data:", "cdn.jsdelivr.net"],
     'connect-src': ["'self'", "*"],
     'manifest-src': "'self'",
     'object-src': "'none'",  # Still explicitly disallow objects
diff --git a/docker/ploughshares/templates/base.html b/docker/ploughshares/templates/base.html
index 4d98573..98e5a03 100644
--- a/docker/ploughshares/templates/base.html
+++ b/docker/ploughshares/templates/base.html
@@ -6,6 +6,7 @@
     <title>{% block title %}Project Ploughshares - Transaction Management System{% endblock %}</title>
     <link rel="icon" type="image/x-icon" href="{{ url_for('static', filename='favicon.ico') }}">
     <link rel="stylesheet" href="{{ url_for('static', filename='css/bootstrap.min.css') }}">
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
     <link rel="stylesheet" href="{{ url_for('static', filename='css/custom.css') }}">
 </head>
 <body>