BUGFIX: CSP did not allow runnow

2022-02-02 13:00:17 +01:00 · 2022-02-02 13:00:17 +01:00 · 67ebf9045c
parent ce1a22a6a9
commit 67ebf9045c
1 changed files with 1 additions and 1 deletions
--- a/lib/Framework/Router.php
+++ b/lib/Framework/Router.php
@ -34,7 +34,7 @@ class Router

        if ($response instanceof Response) {
            $response->headers->add([
-                "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; form-action 'self'; require-trusted-types-for 'script'"
+                "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; form-action 'self'; require-trusted-types-for 'script'; frame-ancestors 'none'; base-uri 'none'"
                ]);
            return $response;
        } else {