From 4e357db25d5cff669b7d4335f40b6c723c212c77 Mon Sep 17 00:00:00 2001
From: Felipe Cardoso <felipe.cardoso@shootify.io>
Date: Fri, 26 Dec 2025 19:00:11 +0100
Subject: [PATCH] Update E2E test for security headers to include `worker-src`
 validation

---
 frontend/e2e/security-headers.spec.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/frontend/e2e/security-headers.spec.ts b/frontend/e2e/security-headers.spec.ts
index 7602168..8020d4c 100644
--- a/frontend/e2e/security-headers.spec.ts
+++ b/frontend/e2e/security-headers.spec.ts
@@ -34,6 +34,7 @@ test.describe('Security Headers', () => {
     expect(csp).toContain("default-src 'self'");
     expect(csp).toContain("frame-ancestors 'none'");
     expect(csp).toContain("object-src 'none'");
+    expect(csp).toContain("worker-src 'self' blob:"); // Required for MSW
   });
 
   test('should NOT include deprecated security headers', async ({ request }) => {