ENHANCEMENT: implemented CSP

This commit is contained in:
Jeroen De Meerleer 2022-02-01 14:29:41 +01:00
parent c9b109601a
commit ce70f7fdbc
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6

View File

@ -39,6 +39,9 @@ class Router
$response = $controllerObj->$action(...$method);
if ($response instanceof Response) {
$response->headers->add([
"Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; require-trusted-types-for 'script'"
]);
return $response;
} else {
throw new InvalidArgumentException();