From ba4d0a414b58448d4d9744ee51254b931d601dbf Mon Sep 17 00:00:00 2001
From: Jeroen De Meerleer <me@jeroened.be>
Date: Thu, 31 Mar 2022 13:51:38 +0200
Subject: [PATCH] BUGFIX: CSP for forms

---
 lib/Framework/Router.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Framework/Router.php b/lib/Framework/Router.php
index a1a1a67..ecf550b 100644
--- a/lib/Framework/Router.php
+++ b/lib/Framework/Router.php
@@ -40,7 +40,7 @@ class Router
 
             if ($response instanceof Response) {
                 $response->headers->add([
-                    "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; frame-ancestors 'none'; require-trusted-types-for 'script'; base-uri 'none'; ",
+                    "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; form-action 'none'; frame-ancestors 'none'; require-trusted-types-for 'script'; base-uri 'none'; ",
                     "Referrer-Policy" => "same-origin"
 
                 ]);