From 4c119e313a6c1ab74da9c81daad7173a6608553b Mon Sep 17 00:00:00 2001
From: Diwakar <diwakar.s.maurya@gmail.com>
Date: Sun, 1 Dec 2024 11:04:51 +0700
Subject: [PATCH] Update env-configuration.md

Update docs as per https://github.com/open-webui/open-webui/pull/7493
---
 docs/getting-started/advanced-topics/env-configuration.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/getting-started/advanced-topics/env-configuration.md b/docs/getting-started/advanced-topics/env-configuration.md
index 82f0537..d2878cd 100644
--- a/docs/getting-started/advanced-topics/env-configuration.md
+++ b/docs/getting-started/advanced-topics/env-configuration.md
@@ -345,6 +345,12 @@ requests initiated by third-party websites, but only over HTTPS.
 - Default: `False`
 - Description: Sets the `Secure` attribute for session cookies if set to `True`.
 
+#### `CONTENT_SECURITY_POLICY`
+
+- Type: `str`
+- Description: Sets the `content-security-policy` HTTP header
+- Example: `default-src 'self' 'unsafe-inline'; img-src 'self' https://* data:; child-src 'none'; font-src 'self' data:;`
+
 #### `AIOHTTP_CLIENT_TIMEOUT`
 
 - Type: `int`