Add hotjar font CSP domain

webapp/config/services.yaml

@@ -53,4 +53,5 @@ services:
                 scriptSrc: "'self' 'unsafe-inline' https://*.googletagmanager.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com"
                 imgSrc: "'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com data: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com"
                 connectSrc: "'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com"
+                fontSrc: "'self' https://*.hotjar.com"
                 frameAncestors: "'self'"

webapp/src/EventListener/AddContentSecurityPolicyListener.php

@@ -24,6 +24,7 @@ public function __invoke(ResponseEvent $event): void
             $this->getScriptSrcCsp(),
             $this->getImageSrcCsp(),
             $this->getConnectSrcCsp(),
+            $this->getFontSrcScp(),
             $this->getFrameAncestorsCsp()
         ]);
 
@@ -58,6 +59,11 @@ private function getConnectSrcCsp(): string
         return "connect-src " . $this->cspConfig['connectSrc'];
     }
 
+    private function getFontSrcScp(): string
+    {
+        return "font-src " . $this->cspConfig['fontSrc'];
+    }
+
     private function getFrameAncestorsCsp(): string
     {
         return "frame-ancestors " . $this->cspConfig['frameAncestors'];