Fix: HCaptcha broken.

files/routes/allroutes.py

@@ -54,10 +54,10 @@ def after_request(response: Response):
 	response.headers.add("Content-Security-Policy", ("""
 		script-src 'self' 'unsafe-inline' https://*.googletagmanager.com https://hcaptcha.com https://*.hcaptcha.com;
 		img-src 'self' https://*.google-analytics.com https://*.googletagmanager.com;
-		connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://hcaptcha.com, https://*.hcaptcha.com;
+		connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://hcaptcha.com https://*.hcaptcha.com;
 		object-src 'none';
 		frame-src https://hcaptcha.com https://*.hcaptcha.com;
-		style-src https://hcaptcha.com https://*.hcaptcha.com;
+		style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com;
 	""".replace('\n', '').replace('\t', ' ')))
 	response.headers.add("Strict-Transport-Security", "max-age=31536000")
 	response.headers.add("X-Frame-Options", "deny")

files/templates/contact.html

@@ -40,6 +40,6 @@
 		<p>If you can see this line, we haven't been contacted by any law enforcement or governmental organizations in 2023 yet.</p>
 	</section>
 	{% if hcaptcha %}
-		<script src="{{ 'js/hcaptcha.js' | asset }}"></script>
+		<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
 	{% endif %}
 {% endblock %}

files/templates/login/sign_up.html

@@ -56,6 +56,6 @@
 {%- block scripts -%}
 <script src="{{ 'js/signup.js' | asset }}"></script>
 {% if hcaptcha %}
-	<script src="{{ 'js/hcaptcha.js' | asset }}"></script>
+	<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
 {% endif %}
 {%- endblock -%}