diff --git a/src/server/middleware.ts b/src/server/middleware.ts
index 0420e47e8..270584315 100644
--- a/src/server/middleware.ts
+++ b/src/server/middleware.ts
@@ -10,7 +10,16 @@ export function setDefaultCsp({
}) {
res.setHeader(
"Content-Security-Policy",
- `default-src 'self'; manifest-src *; connect-src *; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:`
+ `default-src 'self';
+ manifest-src *;
+ connect-src *;
+ img-src * data:;
+ script-src 'self';
+ style-src 'self' 'unsafe-inline';
+ form-action 'self';
+ base-uri 'self';
+ frame-src *;
+ media-src * data:`.replace(/\s+/g, " ")
);
next();
diff --git a/src/server/utils/create-ssr-html.tsx b/src/server/utils/create-ssr-html.tsx
index ba85228f2..a72bfe4ec 100644
--- a/src/server/utils/create-ssr-html.tsx
+++ b/src/server/utils/create-ssr-html.tsx
@@ -1,7 +1,6 @@
import { getStaticDir } from "@utils/env";
import { Helmet } from "inferno-helmet";
import { renderToString } from "inferno-server";
-import serialize from "serialize-javascript";
import sharp from "sharp";
import { favIconPngUrl, favIconUrl } from "../../shared/config";
import { ILemmyConfig, IsoDataOptionalSite } from "../../shared/interfaces";
@@ -59,8 +58,12 @@ export async function createSsrHtml(
-
-
+
+
${erudaStr}
diff --git a/src/shared/utils/app/set-iso-data.ts b/src/shared/utils/app/set-iso-data.ts
index 1e149bb22..a4e540392 100644
--- a/src/shared/utils/app/set-iso-data.ts
+++ b/src/shared/utils/app/set-iso-data.ts
@@ -6,6 +6,8 @@ export default function setIsoData(
): IsoData {
// If its the browser, you need to deserialize the data from the window
if (isBrowser()) {
- return window.isoData;
+ const ele = document.getElementById("isoData");
+ if (!ele) throw Error("could not find iso data");
+ return JSON.parse(ele.textContent ?? "");
} else return context.router.staticContext;
}