diff --git a/CHANGELOG.md b/CHANGELOG.md index ad618f37c..d0519e0d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,9 @@ You can also check the ## Unreleased +- Fixes + - Correctly set CSP headers for index pages + ## 6.5.0 – 2026-06-01 - Features diff --git a/app/middleware.ts b/app/middleware.ts index 0dfbc5f5f..f081184f9 100644 --- a/app/middleware.ts +++ b/app/middleware.ts @@ -64,6 +64,12 @@ export function middleware(request: NextRequest) { export const config = { matcher: [ + // The negative-lookahead pattern below gets compiled by Next.js (when i18n + // is configured) into a regex that requires two path segments (locale + + // rest), which silently excludes bare locale-root paths like "/", "/de", + // "/en". Add those explicitly so they still go through the middleware. + "/", + "/(de|fr|it|en)", { source: "/((?!_next/static|_next/image|favicon\\.ico).*)", missing: [