BUGFIX: CSP for forms

This commit is contained in:
Jeroen De Meerleer 2022-03-31 13:51:38 +02:00
parent 339c364910
commit ba4d0a414b
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6

View File

@ -40,7 +40,7 @@ class Router
if ($response instanceof Response) {
$response->headers->add([
"Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; frame-ancestors 'none'; require-trusted-types-for 'script'; base-uri 'none'; ",
"Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; form-action 'none'; frame-ancestors 'none'; require-trusted-types-for 'script'; base-uri 'none'; ",
"Referrer-Policy" => "same-origin"
]);