From a8ece37a3a0853dabe82a0d084c1a7b2718ee48a Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Wed, 28 Jul 2021 14:35:12 +0200
Subject: [PATCH] Do not quote the domains in the security options.

---
 templates/nginx-virthost.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/nginx-virthost.j2 b/templates/nginx-virthost.j2
index 7111c95..053d52e 100644
--- a/templates/nginx-virthost.j2
+++ b/templates/nginx-virthost.j2
@@ -51,7 +51,7 @@ server {
     add_header X-Frame-Options "{{ nginx_x_frame_options }}";
     {% endif %}
     {% if nginx_set_content_security_options %}
-    add_header Content-Security-Policy "frame-ancestors {% for l in nginx_content_security_acl %} '{{ l }}'{% endfor %};";
+    add_header Content-Security-Policy "frame-ancestors {% for l in nginx_content_security_acl %} {{ l }}{% endfor %};";
     {% endif %}
     server_tokens {{ item.server_tokens | default('off') }};
 
@@ -265,7 +265,7 @@ server {
     add_header X-Frame-Options "{{ nginx_x_frame_options }}";
     {% endif %}
     {% if nginx_set_content_security_options %}
-    add_header Content-Security-Policy "frame-ancestors {% for l in nginx_content_security_acl %} '{{ l }}'{% endfor %};";
+    add_header Content-Security-Policy "frame-ancestors {% for l in nginx_content_security_acl %} {{ l }}{% endfor %};";
     {% endif %}
     server_tokens {{ item.server_tokens | default('off') }};