Change CSP references from SITE_URL to self

frontend/next.config.js

@@ -1,19 +1,15 @@
 // next.config.js
 
 const ContentSecurityPolicy = `
-	default-src ${process.env.NEXT_PUBLIC_WEBSITE_URL};
-	script-src ${
-    process.env.NEXT_PUBLIC_WEBSITE_URL
-  } https://app.posthog.com https://infisical.com https://assets.calendly.com/ https://js.stripe.com https://api.stripe.com 'unsafe-inline' 'unsafe-eval';
-	style-src 'self' https://rsms.me 'unsafe-inline';
-	child-src https://infisical.com https://api.stripe.com;
-	frame-src https://js.stripe.com/ https://api.stripe.com;
-	connect-src ws://${process.env.NEXT_PUBLIC_WEBSITE_URL?.split("//")[1]} ${
-  process.env.NEXT_PUBLIC_WEBSITE_URL
-} https://api.github.com/repos/Infisical/infisical-cli https://api.heroku.com/ https://id.heroku.com/oauth/authorize https://id.heroku.com/oauth/token https://checkout.stripe.com https://app.posthog.com https://infisical.com https://api.stripe.com https://vitals.vercel-insights.com/v1/vitals;
-	img-src 'self' https://*.stripe.com https://i.ytimg.com/ data:;
-	media-src;
-	font-src 'self' https://maxcdn.bootstrapcdn.com https://rsms.me https://fonts.gstatic.com;  
+    default-src 'self';
+    script-src 'self' https://app.posthog.com https://js.stripe.com https://api.stripe.com 'unsafe-inline' 'unsafe-eval';
+    style-src 'self' https://rsms.me 'unsafe-inline';
+    child-src https://api.stripe.com;
+    frame-src https://js.stripe.com/ https://api.stripe.com;
+    connect-src 'self' https://api.heroku.com/ https://id.heroku.com/oauth/authorize https://id.heroku.com/oauth/token https://checkout.stripe.com https://app.posthog.com https://api.stripe.com;
+    img-src 'self' https://*.stripe.com https://i.ytimg.com/ data:;
+    media-src;
+    font-src 'self' https://maxcdn.bootstrapcdn.com https://rsms.me https://fonts.gstatic.com;  
 `;
 
 // You can choose which headers to add to the list