PrivateCoffee/alltube
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve CSP

Browse source
This commit is contained in:
Pierre Rudloff 2020-10-20 00:57:26 +02:00
parent e97573922d
commit 4bcf9566ad
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
classes/CspMiddleware.php
View file

@ -39,6 +39,9 @@ class CspMiddleware
$csp->addDirective('default-src', [])
->addDirective('font-src', ['self' => true])
->addDirective('style-src', ['self' => true])
->addDirective('form-action', ['self' => true])
->addDirective('base-uri', [])
->addDirective('frame-ancestors', [])
->addSource('img-src', '*');
if ($this->config->debug) {