From cc964ccb9c5970b26c763ef1e493120405bd87cf Mon Sep 17 00:00:00 2001
From: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Date: Mon, 22 Feb 2021 19:15:58 -0500
Subject: [PATCH] Add https://2fa.directory to CSP (#1156)

* Add https://2fa.directory to CSP

* remove old domain for towfactorauth.org
---
 util/Setup/Configuration.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util/Setup/Configuration.cs b/util/Setup/Configuration.cs
index 58eaac40c9..0114d561b8 100644
--- a/util/Setup/Configuration.cs
+++ b/util/Setup/Configuration.cs
@@ -80,7 +80,7 @@ namespace Bit.Setup
             "child-src 'self' https://*.duosecurity.com https://*.duofederal.com; " +
             "frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; " +
             "connect-src 'self' wss://{0} https://api.pwnedpasswords.com " +
-            "https://twofactorauth.org; object-src 'self' blob:;";
+            "https://2fa.directory; object-src 'self' blob:;";
 
         [Description("Communicate with the Bitwarden push relay service (push.bitwarden.com) for mobile\n" +
             "app live sync.")]